- Description
- In multiple functions of ZygoteProcess.java, there is a possible way to achieve code execution as any app via WRITE_SECURE_SETTINGS due to unsafe deserialization. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
- Source
- security@android.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
The Android Zygote Processor Critical vulnerability CVE-2024-31317 The main issue is that the permission of any UID in the Android system can be obtained by using this vulnerability, which is similar to breaking through the Android sandbox and obtaining the permission of any htt
@PPHM_HackerNews
24 Mar 2025
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-31317
@transilienceai
17 Mar 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-31317
@transilienceai
15 Mar 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Severe Android Vulnerability CVE-2024-31317 Exposed! Attackers can exploit this flaw to gain unauthorized access, compromise sensitive data, and take control of devices. 🔹 High risk of malware, spyware, and data breaches. 🔹 Enterprises face compliance risks & security threa
@Infosharenew
12 Mar 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Severe Android Vulnerability CVE-2024-31317 Exposed! Attackers can exploit this flaw to gain unauthorized access, compromise sensitive data, and take control of devices. 🔹 High risk of malware, spyware, and data breaches. 🔹 Enterprises face compliance risks & security threa
@varutra
12 Mar 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
New vulnerability CVE-2024-31317 in Android Zygote allows system-wide code execution and privilege escalation on devices running Android 11 or older. ⚠️ Protect devices! #AndroidVulnerability #ZygoteInjection #USA link: https://t.co/EdHDxLZebe https://t.co/6MV0lij57S
@TweetThreatNews
11 Mar 2025
28 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
},
{
"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D"
}
],
"operator": "OR"
}
]
}
]