CVE-2024-49734
Published Jan 21, 2025
Last updated 9 days ago
- Description
- In multiple functions of ConnectivityService.java, there is a possible way for a Wi-Fi AP to determine what site a device has connected to through a VPN due to side channel information disclosure. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- Source
- security@android.com
- NVD status
- Awaiting Analysis
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-203
- Hype score
- Not currently trending