Possible Local Escalation of Privilege Vulnerability in Uri.java

CVE-2024-40662

Currently unrated 🤨

Key Information

Vendor: Google
Status: Android
Vendor: CVE Published:; 11 September 2024

Summary

In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Version(s)

Android = 14

Android = 13

Android = 12L

Timeline

Vulnerability published.
Sep 11, 2024

Collectors

NVD DatabaseMitre Database