CNVD-2025-17129 — Vulnetix

CNVD-2025-17129 PUBLISHED CVSS 7.800000190734863 HIGH

Google Android是由美国谷歌公司（Google）主导开发的开放源代码手机操作系统。 Google Android存在权限提升漏洞，该漏洞源于未声明的权限，可以添加应用程序来绕过VPN。攻击者可利用该漏洞无需额外执行权限的情况下实现本地权限提升。

Risk Scores

CVSS 3.1

7.800000190734863

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Google	Android	Android kernel

Exploit Intelligence

CIRCL seen: CVE-2024-11624 (circl-sighting)
https://source.android.com/security/bulletin/pixel/2024-12-01 (circl)
CIRCL seen: CVE-2024-11624 (circl-sighting)
CIRCL seen: CVE-2024-11624 (circl-sighting)
CIRCL seen: CVE-2024-11624 (circl-sighting)

Timeline

Dec 5, 2024 CVE Published
Jan 3, 2025 PoC Published
Jan 3, 2025 PoC Published
Jan 3, 2025 PoC Published
Jan 3, 2025 PoC Published

References

https://source.android.com/security/bulletin/pixel/2024-12-01 url

Open in Interactive Console →

$ Console Community · 100/wk Open console ›