Multiple FCNT Android devices provide the original security features such as "privacy mode" where arbitrary applications can be set not to be displayed, etc. Under certain conditions, and when an attacker can directly operate the device which its screen is unlocked by a user, the provided security features' setting pages may be exposed and/or the settings may be altered, without authentication. For example, specific applications in the device configured to be hidden may be displayed and/or activated.
History

Tue, 03 Dec 2024 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 29 Nov 2024 06:00:00 +0000

Type Values Removed Values Added
Description Multiple FCNT Android devices provide the original security features such as "privacy mode" where arbitrary applications can be set not to be displayed, etc. Under certain conditions, and when an attacker can directly operate the device which its screen is unlocked by a user, the provided security features' setting pages may be exposed and/or the settings may be altered, without authentication. For example, specific applications in the device configured to be hidden may be displayed and/or activated.
Weaknesses CWE-306
References
Metrics cvssV3_0

{'score': 3.1, 'vector': 'CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2024-11-29T05:39:28.139Z

Updated: 2024-12-03T14:09:02.981Z

Reserved: 2024-11-22T08:34:00.460Z

Link: CVE-2024-53701

cve-icon Vulnrichment

Updated: 2024-12-03T14:08:58.608Z

cve-icon NVD

Status : Received

Published: 2024-11-29T06:15:07.327

Modified: 2024-11-29T06:15:07.327

Link: CVE-2024-53701

cve-icon Redhat

No data.