2 matches found
CVE-2024-31323
In onCreate of multiple files, there is a possible way to trick the user into granting health permissions due to tapjacking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-31323
CVE-2024-31323 is an Android local elevation-of-privilege vulnerability in the onCreate path of the HealthFitness module (HealthFitness) that could trick a user into granting health permissions via tapjacking, requiring no user interaction for exploitation. The issue is mapped to the Healthfitnes...