Lucene search
+L

62 matches found

Cvelist
Cvelist
added 2024/11/13 5:25 p.m.21 views

CVE-2024-43087

In getInstalledAccessibilityPreferences of AccessibilitySettings.java, there is a possible way to hide an enabled accessibility service in the accessibility service settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges...

0.00112EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/13 12:0 a.m.7 views

PT-2024-30287 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue is related to a logic error in the code of AccessibilitySettings.java, specifically in the getInstalledAccessibilityPreferences method. This error could allow an enabled...

8.4CVSS7AI score0.00112EPSS
Exploits0References6
OSV
OSV
added 2024/11/01 12:0 a.m.15 views

ASB-A-353700779

In getInstalledAccessibilityPreferences of AccessibilitySettings.java, there is a possible way to hide an enabled accessibility service in the accessibility service settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges...

8.4CVSS7.3AI score0.00112EPSS
Exploits0References2
NVD
NVD
added 2024/07/09 9:15 p.m.24 views

CVE-2024-31322

In updateServicesLocked of AccessibilityManagerService.java, there is a possible way for an app to be hidden from the Setting while retaining Accessibility Service due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. Us...

7.8CVSS0.00103EPSS
Exploits0References2
OSV
OSV
added 2024/07/09 9:15 p.m.5 views

CVE-2024-31322

In updateServicesLocked of AccessibilityManagerService.java, there is a possible way for an app to be hidden from the Setting while retaining Accessibility Service due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. Us...

7.8CVSS5.9AI score0.00103EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/09 8:9 p.m.18 views

CVE-2024-31322

In updateServicesLocked of AccessibilityManagerService.java, there is a possible way for an app to be hidden from the Setting while retaining Accessibility Service due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. Us...

7.1AI score0.00103EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/09 8:9 p.m.28 views

CVE-2024-31322

In updateServicesLocked of AccessibilityManagerService.java, there is a possible way for an app to be hidden from the Setting while retaining Accessibility Service due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. Us...

0.00103EPSS
Exploits0References2
OSV
OSV
added 2024/06/01 12:0 a.m.22 views

ASB-A-326485767

In updateServicesLocked of AccessibilityManagerService.java, there is a possible way for an app to be hidden from the Setting while retaining Accessibility Service due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. Us...

7.8CVSS7.8AI score0.00103EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2024/04/26 10:42 a.m.49 views

New 'Brokewell' Android Malware Spread Through Fake Browser Updates

Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. "Brokewell is a typical modern banking malware equipped with both data-stealing and remote-control capabilities built into the malware," Dutch security firm ThreatFabric said in an analysis...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/30 3:12 p.m.30 views

MMRat Android Trojan Executes Remote Financial Fraud Through Accessibility Feature

A previously undocumented Android banking trojan dubbed MMRat has been observed targeting mobile users in Southeast Asia since late June 2023 to remotely commandeer the devices and perform financial fraud. "The malware, named after its distinctive package name com.mm.user, can capture user input...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/29 8:10 a.m.43 views

New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data

A new Android malware strain called CherryBlos has been observed making use of optical character recognition OCR techniques to gather sensitive data stored in pictures. CherryBlos, per Trend Micro, is distributed via bogus posts on social media platforms and comes with capabilities to steal...

6.5AI score
Exploits0
OSV
OSV
added 2023/05/15 10:15 p.m.3 views

CVE-2023-21109

In multiple places of AccessibilityService, there is a possible way to hide the app from the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS5.9AI score0.00127EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/15 12:0 a.m.5 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a logic error in the AccessibilityService's code in multiple locations. An attacker can exploit the vulnerability to escalate privileges...

7.8CVSS7.5AI score0.00127EPSS
Exploits0References2
OSV
OSV
added 2023/01/26 9:18 p.m.3 views

CVE-2023-20921

In onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically grant accessibility services due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

7.3CVSS7.2AI score0.00272EPSS
Exploits0References1
OSV
OSV
added 2022/12/13 4:15 p.m.8 views

CVE-2022-20495

In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS5.9AI score0.00167EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2022/12/13 4:15 p.m.25 views

CVE-2022-20495

In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.3AI score0.00167EPSS
Exploits0References2
OSV
OSV
added 2022/12/13 4:15 p.m.32 views

UBUNTU-CVE-2022-20495

In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS5.9AI score0.00167EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/12/13 12:0 a.m.5 views

CVE-2022-20495

In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7AI score0.00167EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.6 views

PT-2022-14708 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: A logic error in the code of AccessibilityManager.java, specifically in the getEnabledAccessibilityServiceList function, allows for a possible way to hide an accessibility service...

7.8CVSS7AI score0.00167EPSS
Exploits0References7
OSV
OSV
added 2022/12/01 12:0 a.m.36 views

ASB-A-243849844

In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.7AI score0.00167EPSS
Exploits0References2
Rows per page
Query Builder