nahid0x1

2 exploits Active since May 2020

CVE-2024-0044 NOMISEC MEDIUM WORKING POC

PackageInstallerService - Privilege Escalation

In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

5 stars

CVSS 6.7

View Code

CVE-2020-0096 NOMISEC HIGH WORKING POC

Android 8.0-9 - Local Privilege Escalation via Confused Deputy in ActivityStartController

In startActivities of ActivityStartController.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-145669109

1 stars

CVSS 7.8

View Code