CVE-2024-49744
Published Jan 21, 2025
Last updated 9 days ago
- Description
- In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to bypass parcel mismatch mitigation due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
- Source
- security@android.com
- NVD status
- Awaiting Analysis
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-502
- Hype score
- Not currently trending
🚨 #Breakingnews: "CVE-2024-49744" A new CVE detected - with severity "0.0 | NA". More: https://t.co/uPOZEDIJUm. 📢 Follow us for more updates! #CVE #ThreatAlert #InfoSec #CriticalVulnerability
@bluepinksec
22 Jan 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-49744 In checkKeyIntentParceledCorrectly of https://t.co/AGGxjMlq1p, there is a possible way to bypass parcel mismatch mitigation due to unsafe deserialization. This c… https://t.co/TTGWfsW3ST
@CVEnew
22 Jan 2025
91 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes