← back
CVE-2024-32896

CVE-2024-32896

CVSS 8.1 HIGHEPSS 3.0%● KEVCWE-783
In short

A logic error in the code allows attackers to bypass security controls and gain higher privileges on the system. This requires local access and user interaction, but does not need special permissions to exploit.

Technical detail

A logic flaw (CWE-783: Operator Precedence Logic Error) enables privilege escalation through a bypass mechanism requiring local code execution and user interaction. The vulnerability does not require elevated initial privileges, allowing authenticated users to escalate to higher privilege levels.

Summary generated and translated by AI from the official description.
there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Google · Android

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://source.android.com/security/bulletin/pixel/2024-06-01https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-32896