Unprivileged Apps Can Read Restricted App-Op States, Leading to Local Escalation of Privilege
CVE-2024-34738
Currently unrated 🤨
Summary
In multiple functions of AppOpsService.java, there is a possible way for unprivileged apps to read their own restrictRead app-op states due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Version(s)
Android = 14
Android = 13
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database