CVE-2024-44097

Name of the Vulnerable Software and Affected Versions Google Android (affected versions not specified)

Description The application does not validate the server certificate properly while initializing the TLS connection, allowing a network attacker to intercept the connection and read the data. The attacker could either send the client a malicious response or forward the possibly modified data to the real server. This issue affects TLS connections that are encrypted against tampering or eavesdropping.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.