CVE-2024-32911

CRITICAL

Google Android - Broken Cryptographic Algorithm

Title source: rule

Description

There is a possible escalation of privilege due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References (1)

[Vendor Advisory] https://source.android.com/security/bulletin/pixel/2024-06-01

Scores

CVSS v3 9.8

EPSS 0.0190

EPSS Percentile 83.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-327 CWE-347

Status published

Products (1)

google/android

Published Jun 13, 2024

Tracked Since Feb 18, 2026