Google · Android · CVE-2024-34734
**Name of the Vulnerable Software and Affected Versions**
Android (affected versions not specified)
**Description**
The issue is related to an insecure default value in the `onForegroundServiceButtonClicked` function of `FooterActionsViewModel.kt`. This could allow disabling the active VPN app from the lock screen, potentially leading to local escalation of privilege without requiring additional execution privileges. User interaction is not necessary for exploitation.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.