CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40652
https://notcve.org/view.php?id=CVE-2024-40652
This could lead to local escalation of privilege with no additional execution privileges needed. • https://android.googlesource.com/platform/packages/apps/Settings/+/2909433f7d59dcdd0c74044b1c8e9f48927193dc https://source.android.com/security/bulletin/2024-09-01 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-40650
https://notcve.org/view.php?id=CVE-2024-40650
This could lead to local escalation of privilege with no additional execution privileges needed. • https://android.googlesource.com/platform/packages/apps/Settings/+/2968ccc911956fa5813a9a6a5e5c8970e383a60f https://source.android.com/security/bulletin/2024-09-01 • CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31336
https://notcve.org/view.php?id=CVE-2024-31336
This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. • https://source.android.com/security/bulletin/2024-09-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23716
https://notcve.org/view.php?id=CVE-2024-23716
This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. • https://source.android.com/security/bulletin/2024-09-01 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-8012 – Ivanti Workspace Control RES Exposed Dangerous Method Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-8012
An authentication bypass weakness in the message broker service of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges. This vulnerability allows local attackers to escalate privileges on affected installations of Ivanti Workspace Control. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC • CWE-288: Authentication Bypass Using an Alternate Path or Channel •