Security Advisory

CVE-2024-43085

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-13 17:25:13
Last updated 2024-11-16 04:55:32
Assigner google_android
State PUBLISHED

Description

In handleMessage of UsbDeviceManager.java, there is a possible method to access device contents over USB without unlocking the device due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.