Login Sign Up

CVE-2024-23713

7.8 HIGH

📋 TL;DR

This vulnerability in Android's NotificationManagerService allows local privilege escalation without user interaction due to improper input validation in notification filter migration. It affects Android devices running vulnerable versions, potentially allowing malicious apps to gain elevated privileges.

💻 Affected Systems

Products:
  • Android
Versions: Android versions prior to the April 2024 security patch
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: All Android devices running affected versions are vulnerable by default.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker could gain full system-level privileges, potentially compromising the entire device, accessing sensitive data, or installing persistent malware.

🟠

Likely Case

A malicious app could bypass security restrictions, access other apps' data, or perform unauthorized system operations.

🟢

If Mitigated

With proper app sandboxing and security updates, impact is limited to isolated privilege escalation within the notification system.

🌐 Internet-Facing: LOW - This is a local privilege escalation requiring app installation.
🏢 Internal Only: HIGH - Once a malicious app is installed, it can exploit this without user interaction.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires a malicious app to be installed; no user interaction needed once installed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: April 2024 Android Security Patch or later

Vendor Advisory: https://source.android.com/security/bulletin/2024-04-01

Restart Required: Yes

Instructions:

1. Check for system updates in Settings > System > System update. 2. Install the April 2024 security patch or later. 3. Reboot the device.

🔧 Temporary Workarounds

Disable unknown sources

android

Prevent installation of apps from unknown sources to reduce attack surface

🧯 If You Can't Patch

  • Restrict app installations to trusted sources only (Google Play Store)
  • Use mobile device management (MDM) to enforce security policies and monitor for suspicious apps

🔍 How to Verify

Check if Vulnerable:

Check Android security patch level in Settings > About phone > Android version > Security patch level. If before April 2024, device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level shows April 2024 or later after update.

📡 Detection & Monitoring

Log Indicators:

  • Unusual notification service crashes or errors in system logs
  • Suspicious app behavior attempting to modify notification settings

SIEM Query:

Search for system logs containing 'NotificationManagerService' errors or crashes combined with suspicious app installation events.

📊 Metadata

CVE ID: CVE-2024-23713
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-269
Published: May 7, 2024
Last Updated: December 17, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-23713, you might also want to check these:

CVE-2023-48419 10.0

This vulnerability allows an attacker within Wi-Fi range of a Google Home device to spy on the victi...

Same vulnerability type (CWE-269)
CVE-2025-20282 10.0

This critical vulnerability in Cisco ISE and ISE-PIC allows unauthenticated remote attackers to uplo...

Same vulnerability type (CWE-269)
CVE-2022-24783 10.0

This critical vulnerability in Deno runtime allows malicious code to bypass all permission checks an...

Same vulnerability type (CWE-269)