Products
Android
- UNKNOWN
Source
security@android.com
Tags
CVE-2024-0022 details
Published : May 7, 2024, 9:15 p.m.
Last Modified : May 7, 2024, 9:15 p.m.
Last Modified : May 7, 2024, 9:15 p.m.
Description
In multiple functions of CompanionDeviceManagerService.java, there is a possible launch NotificationAccessConfirmationActivity of another user profile due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
References
URL | Source |
---|---|
https://android.googlesource.com/platform/frameworks/base/+/bdf1cce569c9700965ff6baee8efd3fb1e8269e8 | security@android.com |
https://source.android.com/security/bulletin/2024-04-01 | security@android.com |
This website uses the NVD API, but is not approved or certified by it.