Improper access control in WindowManagerService prior to SMR Sep-2024 Release 1 in Android 12, and SMR Jun-2024 Release 1 in Android 13 and Android 14 allows local attackers to bypass restrictions on starting services from the background.
Metrics
Affected Vendors & Products
References
History
Thu, 05 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Samsung
Samsung android |
|
Weaknesses | NVD-CWE-Other | |
CPEs | cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:* cpe:2.3:o:samsung:android:12.0:smr_sep-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-jun-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jun-2024-r1:*:*:*:*:*:* |
|
Vendors & Products |
Samsung
Samsung android |
Wed, 04 Sep 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 04 Sep 2024 05:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Improper access control in WindowManagerService prior to SMR Sep-2024 Release 1 in Android 12, and SMR Jun-2024 Release 1 in Android 13 and Android 14 allows local attackers to bypass restrictions on starting services from the background. | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: SamsungMobile
Published: 2024-09-04T05:32:18.698Z
Updated: 2024-09-04T13:14:00.164Z
Reserved: 2024-05-07T04:43:27.838Z
Link: CVE-2024-34637
Vulnrichment
Updated: 2024-09-04T13:13:56.368Z
NVD
Status : Analyzed
Published: 2024-09-04T06:15:11.377
Modified: 2024-09-05T18:05:27.753
Link: CVE-2024-34637
Redhat
No data.