fkie_cve-2024-47022
Vulnerability from fkie_nvd
Published
2024-10-25 11:15
Modified
2024-10-28 21:35
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
5.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
5.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ACPM component, A-331255656.
References
| URL | Tags | ||
|---|---|---|---|
| dsap-vuln-management@google.com | https://source.android.com/security/bulletin/pixel/2024-10-01 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| android | * | ||
| pixel | - | ||
| pixel_2 | - | ||
| pixel_2_xl | - | ||
| pixel_3 | - | ||
| pixel_3_xl | - | ||
| pixel_3a | - | ||
| pixel_3a_xl | - | ||
| pixel_4 | - | ||
| pixel_4_xl | - | ||
| pixel_4a | - | ||
| pixel_4a_5g | - | ||
| pixel_5 | - | ||
| pixel_5a | - | ||
| pixel_6 | - | ||
| pixel_6_pro | - | ||
| pixel_6a | - | ||
| pixel_7 | - | ||
| pixel_7_pro | - | ||
| pixel_7a | - | ||
| pixel_8 | - | ||
| pixel_8_pro | - | ||
| pixel_8a | - | ||
| pixel_9 | - | ||
| pixel_9_pro | - | ||
| pixel_9_pro_fold | - | ||
| pixel_c | - | ||
| pixel_fold | - | ||
| pixel_pro_xl | - | ||
| pixel_slate | - | ||
| pixel_tablet | - | ||
| pixel_xl | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1716AE3-39FD-430C-9B82-FDDEB29775B8",
"versionEndExcluding": "2024-10-05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:google:pixel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B17D3A78-87DD-44CD-AB11-3E42AEB1A1D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B76B2AD-52E2-41D2-82D7-557DC32E064F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_2_xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50F1BE2A-DC55-4AC2-8272-FC793CB93B48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "95B55D72-61F8-4957-9C3D-8009C6966F40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_3_xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "128E8B67-E19C-4C1A-B7FB-081ACDB243C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_3a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F56191C-4FF1-4309-9169-AA83CF2F23F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_3a_xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD59B24F-5624-4BCB-985A-2CC9987EA69C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EFE6CB-CAFD-4F38-8548-A19A0FBFECC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_4_xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8BF63E4-BD56-40F9-AA33-5EB5D1D2A7BE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_4a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E49FC5D-ACC7-498F-88E9-293AB276CF63",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_4a_5g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3936C02-6FC1-4B53-A54E-C49DBEFBC17A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821F3393-1034-4812-A091-D753EDA59E60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_5a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD673E4-9A74-4029-9E99-F741711A529C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C27C4FD0-E67A-4D54-A00A-BDD59AAABB4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_6_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FBDD7EC-7E2D-4703-9CE8-8B2422146F6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_6a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99FFC9C6-24A6-4479-8DA1-93DA62C89048",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C1347ED-56D0-4AF8-92D8-D4E427B5A1CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_7_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23904900-3001-4EA1-9A6C-C8F7EB2D3C42",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_7a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C74EE811-A472-4509-A52F-34EE65FEDE7B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7669A258-53B3-4599-B304-A99C47278583",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_8_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E43578F-1598-4343-AC12-B71DE4E33C50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_8a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF365A22-58DA-4D98-ADF0-FFD566BD62B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58D7038F-BF44-45ED-8C35-6DD98D72A043",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_9_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E0889AF-7B08-42CE-A721-87D99B9F27CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_9_pro_fold:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3485B56E-3A9C-4960-B58E-CE5291BD66CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9526852E-8BF4-42AA-A9BC-84FEC564B871",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_fold:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05242EED-D230-4968-A0B1-1472D6D645D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_pro_xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F0EF14B-06EF-4229-8364-7049A6E53D32",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_slate:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A412160-3367-4945-BD00-A0D730C271CD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_tablet:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831D6339-087B-4CFA-9AF7-FBE6FB5F7E00",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:google:pixel_xl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1674845A-B3D0-43E2-98FC-06E29A3C6A77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ACPM component, A-331255656."
},
{
"lang": "es",
"value": "Android anterior al 2024-10-05 en los dispositivos Google Pixel permite la divulgaci\u00f3n de informaci\u00f3n en el componente ACPM, A-331255656."
}
],
"id": "CVE-2024-47022",
"lastModified": "2024-10-28T21:35:18.190",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.4,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-10-25T11:15:16.950",
"references": [
{
"source": "dsap-vuln-management@google.com",
"tags": [
"Vendor Advisory"
],
"url": "https://source.android.com/security/bulletin/pixel/2024-10-01"
}
],
"sourceIdentifier": "dsap-vuln-management@google.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…