Login Sign Up

CVE-2024-0024

7.8 HIGH

📋 TL;DR

This vulnerability in Android's UserManagerService allows local attackers to bypass user restrictions through improper input validation, potentially escalating privileges without additional permissions. Exploitation requires user interaction. Affects Android devices running vulnerable versions.

💻 Affected Systems

Products:
  • Android
Versions: Android versions prior to May 2024 security patch
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices with multiple user profiles or restricted profiles enabled.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local attacker gains elevated privileges, potentially accessing restricted data or system functions they shouldn't have access to.

🟠

Likely Case

Malicious app circumvents user-imposed restrictions to access protected data or functionality.

🟢

If Mitigated

Proper app sandboxing and security updates prevent exploitation, maintaining normal user restriction enforcement.

🌐 Internet-Facing: LOW - Requires local access and user interaction, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local attackers with physical or app-based access could exploit if device is vulnerable.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires user interaction and local access; exploitation details not publicly documented.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: May 2024 Android Security Patch or later

Vendor Advisory: https://source.android.com/security/bulletin/2024-05-01

Restart Required: Yes

Instructions:

1. Check for system updates in Settings > System > System update. 2. Install May 2024 security patch or later. 3. Reboot device after installation.

🔧 Temporary Workarounds

Disable multiple user profiles

android

Remove additional user profiles to reduce attack surface

Settings > System > Multiple users > Remove additional users

🧯 If You Can't Patch

  • Restrict physical access to devices
  • Monitor for suspicious app behavior and restrict app installations

🔍 How to Verify

Check if Vulnerable:

Check Android security patch level in Settings > About phone > Android version > Security patch level

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level shows May 2024 or later date

📡 Detection & Monitoring

Log Indicators:

  • Unexpected user restriction changes in system logs
  • Suspicious UserManagerService method calls

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="android_system" AND "UserManagerService" AND ("restriction" OR "privilege")

📊 Metadata

CVE ID: CVE-2024-0024
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-269
Published: May 7, 2024
Last Updated: December 17, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-0024, you might also want to check these:

CVE-2023-48419 10.0

This vulnerability allows an attacker within Wi-Fi range of a Google Home device to spy on the victi...

Same vulnerability type (CWE-269)
CVE-2025-20282 10.0

This critical vulnerability in Cisco ISE and ISE-PIC allows unauthenticated remote attackers to uplo...

Same vulnerability type (CWE-269)
CVE-2022-24783 10.0

This critical vulnerability in Deno runtime allows malicious code to bypass all permission checks an...

Same vulnerability type (CWE-269)