CVE-2024-49737
Published Jan 21, 2025
Last updated 9 days ago
- Description
- In applyTaskFragmentOperation of WindowOrganizerController.java, there is a possible way to launch arbitrary activities as the system UID due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- Source
- security@android.com
- NVD status
- Awaiting Analysis
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-276
- Hype score
- Not currently trending