Home > Vulnerability Database > CVE-2024-0032

Mend.io Vulnerability Database

CVE-2024-0032

Date: February 15, 2024

In multiple locations, there is a possible way to request access to directories that should be hidden due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.

Language: Java

Severity Score

6.5

Related Resources (8)

Url: https://android.googlesource.com/platform/frameworks/base/+/a6321142ea43053ea8d0db516eede4c35c5dab18

Url: https://android.googlesource.com/platform/frameworks/base/+/4af5db76f25348849252e0b8a08f4a517ef842b7

Url: https://source.android.com/security/bulletin/2024-02-01

Url: https://android.googlesource.com/platform/packages/providers/DownloadProvider/+/b2cc552f8e1ed982e6662f64baa2cdbf1acaf777

Url: https://source.android.com/security/bulletin/2025-03-01

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-0032

Url: https://android.googlesource.com/platform/packages/providers/DownloadProvider/+/5acd646e0cf63e2c9c0862da7e03531ef0074394

Url: https://www.mend.io/vulnerability-database/CVE-2024-0032

Severity Score

6.5

Weakness Type (CWE)

Improper Access Control

CWE-284

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	HIGH
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2024-0032

Date: February 15, 2024

Language: Java

Severity Score

Related Resources (8)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?