CVE-2024-0044— Google Android 安全漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2024-0044の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
N/A
ソース: NVD (National Vulnerability Database)
脆弱性説明
In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Google Android 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Google Android是美国谷歌(Google)公司的一套以Linux为基础的开源操作系统。 Google Android 存在安全漏洞,该漏洞源于 PackageInstallerService.java 文件的 createSessionInternal 方法存在输入验证不当,可能会以任何应用程序的方式运行。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
II. CVE-2024-0044の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|---|---|---|
| 1 | Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability remotely | https://github.com/scs-labrat/android_autorooter | POC詳細 |
| 2 | CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13 | https://github.com/pl4int3xt/cve_2024_0044 | POC詳細 |
| 3 | 利用 CVE-2024-0044 Android 权限提升下载任意目标App沙箱文件。 | https://github.com/Re13orn/CVE-2024-0044-EXP | POC詳細 |
| 4 | CVE-2024-0044: uma vulnerabilidade de alta gravidade do tipo "executar como qualquer aplicativo" que afeta as versões 12 e 13 do Android | https://github.com/007CRIPTOGRAFIA/c-CVE-2024-0044 | POC詳細 |
| 5 | 利用CVE-2024-0044 在Android12、13 下提权 | https://github.com/Kai2er/CVE-2024-0044-EXP | POC詳細 |
| 6 | CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13 | https://github.com/hunter24x24/cve_2024_0044 | POC詳細 |
| 7 | EvilDroid automates the exploitation of CVE-2024-0044, installing malicious payloads on a target device and extracting sensitive data. It features automated ADB connection checks, APK pushing, UID extraction, payload generation, and real-time progress updates, providing a seamless and professional user experience. | https://github.com/nexussecelite/EvilDroid | POC詳細 |
| 8 | a vulnerability affecting Android version 12 & 13 | https://github.com/nahid0x1/CVE-2024-0044 | POC詳細 |
| 9 | CVE-2024-0044 | https://github.com/MrW0l05zyn/cve-2024-0044 | POC詳細 |
| 10 | PoC and writeup for bypassing the initial patch of CVE-2024-0044, Android run-as any app vulnerability allowing privilege escalation from adb to installed app | https://github.com/canyie/CVE-2024-0044 | POC詳細 |
| 11 | CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13 | https://github.com/pl4int3xt/CVE-2024-0044 | POC詳細 |
| 12 | CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13 | https://github.com/0xbinder/CVE-2024-0044 | POC詳細 |
| 13 | CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13 | https://github.com/Dit-Developers/CVE-2024-0044- | POC詳細 |
| 14 | EvilDroid automates the exploitation of CVE-2024-0044, installing malicious payloads on a target device and extracting sensitive data. It features automated ADB connection checks, APK pushing, UID extraction, payload generation, and real-time progress updates, providing a seamless and professional user experience. | https://github.com/sridhar-sec/EvilDroid | POC詳細 |
| 15 | a vulnerability affecting Android version 12 & 13 | https://github.com/nishan0x1/CVE-2024-0044 | POC詳細 |
| 16 | a vulnerability affecting Android version 12 & 13 | https://github.com/l1ackernishan/CVE-2024-0044 | POC詳細 |
| 17 | a vulnerability affecting Android version 12 & 13 | https://github.com/l1ackerronin/CVE-2024-0044 | POC詳細 |
| 18 | Automated Exploit for CVE-2024-0044 . | https://github.com/Athexhacker/EXPLOITER | POC詳細 |
| 19 | CVE-2024-0044_PoC | https://github.com/HoyoenKim/CVE-2024-0044_PoC | POC詳細 |
| 20 | a vulnerability affecting Android version 12 & 13 | https://github.com/ronin0x1/CVE-2024-0044 | POC詳細 |
| 21 | CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13. This repo demonstrates how to exploit CVE-2024-0044. For educational and testing purposes only. | https://github.com/Dit-Developers/CVE-2024-0044 | POC詳細 |
| 22 | A robust digital forensics tool for extracting and analyzing Google Chrome artifacts from Android devices | https://github.com/JackTekno/Chrome-Forensic_CVE-2024-0044 | POC詳細 |
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2024-0044のインテリジェンス情報
请登录查看更多情报信息。
Same Patch Batch · Google · 2024-03-11 · 57 CVEs total
| CVE-2024-27218 | Google Pixel 安全漏洞 | |
| CVE-2024-27236 | Google Pixel 安全漏洞 | |
| CVE-2024-27229 | Google Pixel 安全漏洞 | |
| CVE-2024-27234 | Google Pixel 安全漏洞 | |
| CVE-2024-27233 | Google Pixel 安全漏洞 | |
| CVE-2024-27230 | Google Pixel 安全漏洞 | |
| CVE-2024-27235 | Google Pixel 安全漏洞 | |
| CVE-2024-27221 | Google Pixel 安全漏洞 | |
| CVE-2024-27220 | Google Pixel 安全漏洞 | |
| CVE-2024-27219 | Google Pixel 安全漏洞 | |
| CVE-2024-27222 | Google Pixel 安全漏洞 | |
| CVE-2024-27213 | Google Pixel 安全漏洞 | |
| CVE-2024-27212 | Google Pixel 安全漏洞 | |
| CVE-2024-27211 | Google Pixel 安全漏洞 | |
| CVE-2024-27210 | Google Pixel 安全漏洞 | |
| CVE-2024-27209 | Google Pixel 安全漏洞 | |
| CVE-2024-27208 | Google Pixel 安全漏洞 | |
| CVE-2024-27207 | Google Pixel 安全漏洞 | |
| CVE-2024-27206 | Google Pixel 安全漏洞 | |
| CVE-2024-27205 | Google Pixel 安全漏洞 |
Showing 20 of 57 CVEs. View all on vendor page →
IV. 関連脆弱性
V. CVE-2024-0044へのコメント
まだコメントはありません