CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-31316

In onResult of AccountManagerService.java, there is a possible way to perform an arbitrary background activity launch due to parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.0%

CVSS Severity

CVSS v3 Score 7.8

References

https://android.googlesource.com/platform/frameworks/base/+/3457d82f8e265ad615b38f6a2aa3c33f1e100cb9
https://source.android.com/security/bulletin/2024-06-01
https://android.googlesource.com/platform/frameworks/base/+/3457d82f8e265ad615b38f6a2aa3c33f1e100cb9
https://source.android.com/security/bulletin/2024-06-01

Products affected by CVE-2024-31316

Google » Android » Version: 12.0

cpe:2.3:o:google:android:12.0
Google » Android » Version: 12.1

cpe:2.3:o:google:android:12.1
Google » Android » Version: 13.0

cpe:2.3:o:google:android:13.0
Google » Android » Version: 14.0

cpe:2.3:o:google:android:14.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-31316

Products

Pricing

Contact Us