Possible Man-in-the-Middle Attack Due to Logic Error in Code

CVE-2024-47023

8.1HIGH

Key Information

Vendor: Google
Status: Android
Vendor: CVE Published:; 25 October 2024

Summary

there is a possible man-in-the-middle attack due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Version(s)

Android = Android kernel

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Oct 25, 2024
Vulnerability Reserved.
Sep 16, 2024

Collectors

NVD DatabaseMitre Database