Lucene search

Google_androidVULNRICHMENT:CVE-2024-0042

HistoryMay 07, 2024 - 9:01 p.m.

CVE-2024-0042

2024-05-0721:01:29

google_android

github.com

cve-2024-0042

oem

drm

certificates

confusion

crypto

bypass

local

drm content

protection

execution privileges

exploitation

user interaction

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

In TBD of TBD, there is a possible confusion of OEM and DRM certificates due to improperly used crypto. This could lead to local bypass of DRM content protection with no additional execution privileges needed. User interaction is not needed for exploitation.

CNA Affected

[
  {
    "vendor": "Google",
    "product": "Android",
    "versions": [
      {
        "version": "Android SoC",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

source.android.com/security/bulletin/2024-04-01