Security Advisory

CVE-2024-49734

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-21 23:04:43

Last updated 2025-03-24 16:17:55

Assigner google_android

State PUBLISHED

Description

In multiple functions of ConnectivityService.java, there is a possible way for a Wi-Fi AP to determine what site a device has connected to through a VPN due to side channel information disclosure. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

← Browse all CVEs View on cve.org ↗