There is a possible Local bypass of user interaction due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/pixel/2024-10-01 | Vendor Advisory |
Configurations
History
28 Oct 2024, 13:56
Type | Values Removed | Values Added |
---|---|---|
First Time |
Google android
|
|
CPE | cpe:2.3:o:google:android:-:*:*:*:*:*:*:* | |
References | () https://source.android.com/security/bulletin/pixel/2024-10-01 - Vendor Advisory | |
Summary |
|
25 Oct 2024, 19:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-863 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
25 Oct 2024, 11:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-25 11:15
Updated : 2024-10-28 13:56
NVD link : CVE-2024-44099
Mitre link : CVE-2024-44099
CVE.ORG link : CVE-2024-44099
JSON object : View
Products Affected
- android
CWE
CWE-863
Incorrect Authorization