In bindAndGetCallIdentification of CallScreeningServiceHelper.java, there is a possible way to maintain a while-in-use permission in the background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
References
Configurations
No configuration.
History
11 Sep 2024, 15:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
Summary |
|
11 Sep 2024, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-11 00:15
Updated : 2024-09-11 16:26
NVD link : CVE-2024-40655
Mitre link : CVE-2024-40655
CVE.ORG link : CVE-2024-40655
JSON object : View
Products Affected
No product.
CWE
No CWE.