Elevation of privilege in Android (CVE-2024-0044) #shorts #breaking

CVE

CVE-2024-0044 is an elevation of privilege vulnerability found in Android operating systems. This vulnerability, which surfaced approximately seven months ago, affects Android versions 12, 12L, 13, and 14. While it is not classified as a zero-day, exploit code has been provided by security researchers and a potential Metasploit module could be utilized for exploitation. Although no specific organizations have been reported as targeted, all users of the affected Android versions are at risk. Attackers exploiting this vulnerability could potentially extract data from installed applications, access sensitive user information, and retrieve specific databases such as those used by WhatsApp.

Watch the full video on YouTube: CVE-2024-0044

Remediation and exploitation details

This chain involves the following actors

This following systems are involved

Attack entry point

Remediation actions

Exploitation actions

CVE database technical details

CVE ID

CVE-2024-0044

Description

In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Provider

google_android

CWE / problem types

Elevation of privilege

Affected Software Versions

Google:Android:[{'version': '15', 'status': 'affected'}, {'version': '14', 'status': 'affected'}, {'version': '13', 'status': 'affected'}, {'version': '12L', 'status': 'affected'}, {'version': '12', 'status': 'affected'}]

Date Published

2024-03-11T16:35:21.760Z

Last Updated

2025-01-28T19:13:40.074Z