Lucene search

K
cvelistGoogle_androidCVELIST:CVE-2024-0024
HistoryMay 07, 2024 - 9:03 p.m.

CVE-2024-0024

2024-05-0721:03:30
google_android
www.cve.org
possible failure
input validation
user restrictions
local escalation
privilege
user interaction

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

In multiple methods of UserManagerService.java, there is a possible failure to persist or enforce user restrictions due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

CNA Affected

[
  {
    "vendor": "Google",
    "product": "Android",
    "versions": [
      {
        "version": "14",
        "status": "affected"
      },
      {
        "version": "13",
        "status": "affected"
      },
      {
        "version": "12L",
        "status": "affected"
      },
      {
        "version": "12",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

Related for CVELIST:CVE-2024-0024