CVE-2024-40676

Name of the Vulnerable Software and Affected Versions Android (affected versions not specified)

Description The issue is related to a confused deputy in the checkKeyIntent function of AccountManagerService.java, allowing a possible bypass of intent security checks. This could lead to the installation of an unknown app and result in local escalation of privilege without requiring additional execution privileges. User interaction is not necessary for exploitation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.