In multiple functions of CompanionDeviceManagerService.java, there is a possible launch NotificationAccessConfirmationActivity of another user profile due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS
No CVSS.
References
Configurations
No configuration.
History
08 May 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
07 May 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-05-07 21:15
Updated : 2024-05-08 13:15
NVD link : CVE-2024-0022
Mitre link : CVE-2024-0022
CVE.ORG link : CVE-2024-0022
JSON object : View
Products Affected
No product.
CWE
No CWE.