CVE-2024-49732

Published Jan 21, 2025

Last updated 9 days ago

Overview

Description
In multiple functions of CompanionDeviceManagerService.java, there is a possible way to grant permissions without user consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Source
security@android.com
NVD status
Awaiting Analysis

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-862

Social media

Hype score
Not currently trending

  1. CVE-2024-49732 Permission Bypass in Android CompanionDeviceManagerService https://t.co/tSgclKMmDT

    @VulmonFeeds

    22 Jan 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References