TROYANOSYVIRUS
Retour aux CVEs

CVE-2024-32896

HIGHCISA KEV
7.8

Description

there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Details CVE

Score CVSS v3.17.8
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurREQUIRED
Publie6/13/2024
Derniere modification10/24/2025
Sourcekev
Observations honeypot0

CISA KEV

FournisseurAndroid
ProduitPixel
Nom vulnerabiliteAndroid Pixel Privilege Escalation Vulnerability
Date ajout KEV2024-06-13
Date limite remediation2024-07-04
Utilise dans ransomwareUnknown

Produits affectes

google:android

Faiblesses (CWE)

CWE-670CWE-783

References

https://source.android.com/security/bulletin/pixel/2024-06-01(dsap-vuln-management@google.com)
https://source.android.com/security/bulletin/pixel/2024-06-01(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-32896(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.