Lucene search
HistoryApr 05, 2024 - 8:15 p.m.
CVE-2024-29748
logic error
privilege escalation
user interaction
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
35.7%
there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Affected configurations
Node
googleandroidMatch-
googlepixelMatch-
Related
cvelist
cvelist
CVE-2024-29748
2024-04-05 20:02:16
attackerkb
attackerkb
CVE-2024-29748
2024-04-05 00:00:00
cve
cve
CVE-2024-29748
2024-04-05 20:15:08
cisa_kev
cisa_kev
Android Pixel Privilege Escalation Vulnerability
2024-04-04 00:00:00
thn
thn
Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies
2024-04-03 16:10:00
Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day
2024-06-13 07:08:00
malwarebytes
malwarebytes
Google patches critical vulnerability for Androids with Qualcomm chips
2024-04-03 20:40:40
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
35.7%
Related for NVD:CVE-2024-29748