- Description
- In shouldSkipForInitialSUW of AdvancedPowerUsageDetail.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- Source
- security@android.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 8.4
- Impact score
- 5.9
- Exploitability score
- 2.5
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-862
- Hype score
- Not currently trending
CVE-2024-40677 01/28/2025 08:15:49 PM BaseSeverity: HIGH In shouldSkipForInitialSUW of https://t.co/Ncy5avPWYI, there is a possible way to bypass factory reset pro... https://t.co/dh2BmnVAAW
@CVETracker
29 Jan 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-40677 Local Privilege Escalation in Android Factory Reset Protection Mechanism https://t.co/MCt53Fpv7m
@VulmonFeeds
28 Jan 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-40677 In shouldSkipForInitialSUW of https://t.co/ELKAxMnFDn, there is a possible way to bypass factory reset protections due to a missing permission check. This could… https://t.co/Po9IItQWFz
@CVEnew
28 Jan 2025
268 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes