CVE-2017-13314
Published Nov 15, 2024
Last updated 18 hours ago
Overview
- Description
- In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. This could lead to local escalation of privilege allowing users to access non-VPN networks, when they are supposed to be restricted to the VPN networks, with no additional execution privileges needed. User interaction is not needed for exploitation.
- Source
- security@android.com
- NVD status
- Received
Social media
- Hype score
- Not currently trending