Login Sign Up

CVE-2024-29748

7.8 HIGH

📋 TL;DR

CVE-2024-29748 is a logic error vulnerability in Android that allows local privilege escalation without requiring additional execution privileges. Attackers can exploit this to gain elevated system access on affected devices. This primarily affects Pixel devices and potentially other Android implementations.

💻 Affected Systems

Products:
  • Google Pixel devices
  • Android OS
Versions: Android versions prior to April 2024 security patch
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Primarily affects Pixel devices but may impact other Android implementations with similar code.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device compromise allowing attacker to execute arbitrary code with system privileges, access sensitive data, and persist malware.

🟠

Likely Case

Local attacker gains elevated privileges to access protected system resources and user data they shouldn't normally access.

🟢

If Mitigated

Limited impact with proper patch management and security controls preventing unauthorized physical access to devices.

🌐 Internet-Facing: LOW - Requires local access and user interaction, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Insider threats or compromised user accounts could exploit this on corporate devices.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires user interaction and local access. CISA has added to Known Exploited Vulnerabilities catalog indicating active exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: April 2024 Android security patch level (2024-04-01 or later)

Vendor Advisory: https://source.android.com/security/bulletin/pixel/2024-04-01

Restart Required: Yes

Instructions:

1. Check for Android system updates in Settings > System > System update. 2. Install April 2024 security patch (2024-04-01 or later). 3. Reboot device after installation.

🔧 Temporary Workarounds

Restrict physical device access

all

Limit who can physically access vulnerable devices to reduce attack surface

Enable verified boot

android

Ensure verified boot is enabled to detect system integrity issues

🧯 If You Can't Patch

  • Isolate vulnerable devices from sensitive networks and data
  • Implement strict access controls and monitor for unusual privilege escalation attempts

🔍 How to Verify

Check if Vulnerable:

Check Android security patch level in Settings > About phone > Android version. If patch level is earlier than 2024-04-01, device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level shows 2024-04-01 or later in Settings > About phone > Android version.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected privilege escalation events
  • SELinux denials for system processes
  • Unusual system service activity

Network Indicators:

  • None - local exploitation only

SIEM Query:

Look for Android security events indicating privilege escalation or SELinux policy violations

📊 Metadata

CVE ID: CVE-2024-29748
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-755
Published: April 5, 2024
Last Updated: October 24, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-29748, you might also want to check these:

CVE-2022-48328 9.8

This vulnerability in MISP (Malware Information Sharing Platform) allows SQL injection through misha...

Same vulnerability type (CWE-755)
CVE-2021-43272 9.8

This vulnerability allows remote code execution through malicious DWF files in Open Design Alliance ...

Same vulnerability type (CWE-755)
CVE-2022-23121 9.8

CVE-2022-23121 is a critical remote code execution vulnerability in Netatalk's AppleDouble parsing f...

Same vulnerability type (CWE-755)