Security Bulletin
Summary
- Security CVES
- High CVE-2024-39441
Minutia
- CVE ID CVE-2024-39441
- Title Exposure of Sensitive Information to an Unauthorized Actor in wifi display
- Description
In wifi display, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed.
- Technology Area Android
- Vulnerability Type CWE-200 Information Exposure
- Access Vector Local
- CVSS Rating High
- CVSS Score 7.1
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
- Affected Chipsets*
T310/T606/T612/T616/T610/T618/T750/T765/T760/T770/T820/S8000
- Affected Software Versions
Android13/Android14/Android15
*The list of affected chipsets may not be complete. For latest information, device OEMs can contact directly at https://unisupport.unisoc.com
Vulnerability type definition
- Abbreviation Interpretation
- RCE Remote Code Execution
- EoP Elevation of Privilege
- ID Information Disclosure
- DoS Denial of Service
- N/A Classification not available
Version
- Version Date Description
- 1.0 2025-02-01