Login Sign Up

CVE-2024-0015

7.8 HIGH

📋 TL;DR

This CVE describes an intent redirection vulnerability in Android's DreamService component that allows local attackers to launch arbitrary protected activities without user interaction. It enables local privilege escalation from user execution privileges to higher system privileges. Affects Android devices running vulnerable versions of the framework.

💻 Affected Systems

Products:
  • Android
Versions: Android versions prior to January 2024 security patch
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices with vulnerable framework versions; exploitation requires a malicious app to be installed.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device compromise allowing attacker to execute arbitrary code with system privileges, access sensitive data, and persist malware.

🟠

Likely Case

Local privilege escalation allowing unauthorized access to protected activities and sensitive system functions.

🟢

If Mitigated

Limited impact if proper app sandboxing and SELinux policies are enforced, restricting lateral movement.

🌐 Internet-Facing: LOW - Requires local access to device, not directly exploitable over network.
🏢 Internal Only: HIGH - Local attackers or malicious apps can exploit this without user interaction.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and ability to install/execute malicious app; no user interaction needed once app is installed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: January 2024 Android Security Patch

Vendor Advisory: https://source.android.com/security/bulletin/2024-01-01

Restart Required: Yes

Instructions:

1. Apply January 2024 Android Security Patch. 2. Update affected devices through OTA updates. 3. For custom ROMs, apply framework/base commit 2ce1b7fd37273ea19fbbb6daeeaa6212357b9a70.

🔧 Temporary Workarounds

Disable unnecessary system services

android

Reduce attack surface by disabling unused system components and services

Restrict app installations

android

Only install apps from trusted sources and implement app allowlisting

🧯 If You Can't Patch

  • Implement strict app vetting and only allow installation from trusted sources
  • Enable enhanced security features like SELinux and app sandboxing

🔍 How to Verify

Check if Vulnerable:

Check Android security patch level in Settings > About phone > Android version. If patch level is before January 2024, device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level shows January 2024 or later in device settings.

📡 Detection & Monitoring

Log Indicators:

  • Unusual activity in DreamService component
  • Intent redirection attempts to protected activities

Network Indicators:

  • Not applicable - local exploitation only

SIEM Query:

Look for DreamService component abuse or intent redirection patterns in Android system logs

📊 Metadata

CVE ID: CVE-2024-0015
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-280
Published: February 16, 2024
Last Updated: March 14, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-0015, you might also want to check these:

CVE-2025-46066 9.9

A privilege escalation vulnerability in Automai Director v.25.2.0 allows remote attackers to gain el...

Same vulnerability type (CWE-280)
CVE-2024-25108 9.9

This CVE describes an authorization bypass vulnerability in Pixelfed that allows attackers to access...

Same vulnerability type (CWE-280)
CVE-2024-24116 9.8

A privilege escalation vulnerability in Ruijie RG-NBS2009G-P switches allows remote attackers to gai...

Same vulnerability type (CWE-280)