CVE-2024-40672 - Samsung Android ChooserActivity Java Missing Permission Check Privilege Escalation Vulnerability
cve cybersecurity securityCVE ID : CVE-2024-40672
Published : Jan. 28, 2025, 8:15 p.m. | 11 hours, 44 minutes ago
Description : In onCreate of ChooserActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Go to Source