CISA Known Exploited Vulnerability (KEV)
Android Pixel Privilege Escalation Vulnerability
April 4, 2024
April 25, 2024
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Description
there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Weakness Enumeration
CWE-ID | CWE Name |
---|---|
CWE-280 |
Improper Handling of Insufficient Permissions or Privileges |