← back
CVE-2024-25987

CVE-2024-25987

CVSS 6.7 MEDIUMEPSS 0.1%CWE-269
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.7EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
11 Mar 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In pt_sysctl_command of pt.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected products
Google · Android