exploitDog

CVE-2024-0042

Опубликовано: 07 мая 2024

Источник: nvd

CVSS3: 7.8

CVSS3: 5.6

EPSS Низкий

Описание

In TBD of TBD, there is a possible confusion of OEM and DRM certificates due to improperly used crypto. This could lead to local bypass of DRM content protection with no additional execution privileges needed. User interaction is not needed for exploitation.

Ссылки

https://source.android.com/security/bulletin/2024-04-01
Vendor Advisory
https://source.android.com/security/bulletin/2024-04-01
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

EPSS

Процентиль: 1%

0.00008

Низкий

7.8 High

CVSS3

5.6 Medium

CVSS3

Дефекты

CWE-295

CWE-295

Связанные уязвимости

GHSA-59j5-r3pj-3q9p

CVSS3: 5.6

github

больше 1 года назад

In TBD of TBD, there is a possible confusion of OEM and DRM certificates due to improperly used crypto. This could lead to local bypass of DRM content protection with no additional execution privileges needed. User interaction is not needed for exploitation.

EPSS

Процентиль: 1%

0.00008

Низкий

7.8 High

CVSS3

5.6 Medium

CVSS3

Дефекты

CWE-295

CWE-295