2 matches found
CVE-2024-40652
In onCreate of SettingsHomepageActivity.java, there is a possible way to access the Settings app while the device is provisioning due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
CVE-2024-40652
The CVE-2024-40652 entry describes an elevation-of-privilege issue in Android’s SettingsHomepageActivity onCreate, where a missing permission check could allow provisioning-phase access to the Settings app. This enables local privilege escalation with UI interaction required for exploitation. Pub...