In Session of AccountManagerService.java, there is a possible method to retain foreground service privileges due to incorrect handling of null responses. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Related CVEs

CVE-2024-0048

Key Information

GHSA ID

GHSA-57gw-fhj2-2v8c

Published

March 11, 2024 6:31 PM

Last Modified

August 28, 2024 9:31 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 13, 2025 6:24 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.