CVE-2024-40652

Name of the Vulnerable Software and Affected Versions Android (affected versions not specified)

Description The issue is related to a missing permission check in the onCreate method of SettingsHomepageActivity.java. This could allow access to the Settings app while the device is provisioning, potentially leading to local escalation of privilege without needing additional execution privileges. User interaction is required for exploitation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.