CVE-2024-20015

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 5, 2024

Updated: Jul 3, 2024

CWE ID 305

Summary

CVE-2024-20015 is a newly identified vulnerability affecting telephony systems. It allows an attacker to bypass permissions and escalate privileges locally, without requiring any additional execution privileges. This vulnerability could be exploited without user interaction, posing a significant risk to affected systems. The issue has been assigned the patch ID ALPS08441419 and the issue ID ALPS08441419. Organizations using the affected telephony software are urged to apply the patch as soon as possible to mitigate this escalation of privilege risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uZ3Tz2
https://www.cve.org/CVERecord?id=CVE-2024-20015
https://nvd.nist.gov/vuln/detail/CVE-2024-20015

Back to Vulnerability Database