CVE-2024-31320

HIGH

Android - Local Privilege Escalation via Companion Device Association

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-31320. PoCs published by SpiralBL0CK.

AI-analyzed exploit summary The repository contains a functional Frida-based exploit for CVE-2024-31320, which manipulates Android's CompanionDeviceManager to force Bluetooth pairing without user interaction and includes additional scripts to exfiltrate location and notification data.

Description

In setSkipPrompt of AssociationRequest.java , there is a possible way to establish a companion device association without any confirmation due to CDM. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Exploits (1)

nomisec WORKING POC
by SpiralBL0CK · poc
https://github.com/SpiralBL0CK/CVE-2024-31320-

The repository contains a functional Frida-based exploit for CVE-2024-31320, which manipulates Android's CompanionDeviceManager to force Bluetooth pairing without user interaction and includes additional scripts to exfiltrate location and notification data.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: Android CompanionDeviceManager (specific version not specified)
No auth needed
Prerequisites: Physical access or ADB access to the target device · Frida installed on the attacker's machine · Target device running vulnerable Android version
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 7.8
EPSS 0.0026
EPSS Percentile 17.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-269 CWE-284
Status published
Products (2)
google/android 12.0
google/android 12.1
Published Jul 09, 2024
Tracked Since Feb 18, 2026