CVE-2024-0022

Name of the Vulnerable Software and Affected Versions CompanionDeviceManagerService.java (affected versions not specified)

Description The issue is related to improper input validation in multiple functions of CompanionDeviceManagerService.java. This could lead to the launch of NotificationAccessConfirmationActivity of another user profile, resulting in local information disclosure without requiring additional execution privileges. User interaction is not necessary for exploitation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.