Possible Permission Bypass Vulnerability in Multiple Locations
CVE-2024-40654

7.8HIGH

Key Information:

Vendor: None specified
Status: Android
Vendor: CVE Published:; 11 September 2024

🔔 Create None specified Vulnerability Alert

What is CVE-2024-40654?

A permission bypass vulnerability has been identified within the Android Settings app, exposing users to potential local escalation of privileges. This issue arises from a confused deputy scenario occurring in multiple locations within the app code. Exploitation of this vulnerability requires user interaction, emphasizing the necessity for awareness and caution while using or configuring Android devices. Updates and patches are crucial to mitigate these risks and preserve the integrity of user permissions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://android.googlesource.com/platform/packages/apps/S...

https://source.android.com/security/bulletin/2024-09-01

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Sep 11, 2024

JSON

None specified

What is CVE-2024-40654?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.