CVE-2024-23705

high

Description

In multiple locations, there is a possible failure to persist or enforce user restrictions due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

References

https://source.android.com/security/bulletin/2024-05-01

https://android.googlesource.com/platform/frameworks/base/+/032bee6dc118ce1cc3fde92463b2954c1450f2e8

Details

Source: Mitre, NVD

Published: 2024-05-07

Updated: 2024-05-08

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

Detections

Analytics