CVE-2024-34740

7.8 HIGH

📋 TL;DR

This CVE describes an integer overflow vulnerability in Android's BinaryXmlSerializer that allows arbitrary XML injection. It enables local privilege escalation without requiring user interaction or additional execution privileges. All Android devices running vulnerable versions are affected.

💻 Affected Systems

Products:
  • Android
Versions: Android versions prior to the August 2024 security patch
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: All Android devices running vulnerable versions are affected regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete device compromise allowing an attacker to execute arbitrary code with system privileges, potentially gaining full control over the device.

🟠 Likely Case

Local privilege escalation allowing malicious apps to break out of the sandbox and access sensitive data or system resources they should not have access to.

🟢 If Mitigated

No impact if patched; with proper app sandboxing and security controls, exploitation would be limited even if vulnerable.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring app execution on the device.
🏢 Internal Only: HIGH - Any malicious app installed on the device could exploit this without user interaction.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires a malicious app to be installed on the device, but no user interaction is needed once installed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android Security Patch Level August 2024 or later

Vendor Advisory: https://source.android.com/security/bulletin/2024-08-01

Restart Required: Yes

Instructions:

1. Check for system updates in Settings > System > System update.
2. Install the August 2024 Android security patch or later.
3. Reboot the device after installation.

🔧 Temporary Workarounds

No workaround available

This is a core framework vulnerability that cannot be mitigated without patching.

🧯 If You Can't Patch

  • Restrict installation of untrusted apps by leaving the 'Install unknown apps' permission disabled for all apps and enforcing it through device policy where possible
  • Use mobile device management (MDM) solutions to monitor for suspicious app behavior

🔍 How to Verify

Check if Vulnerable:

Check Android security patch level in Settings > About phone > Android version > Security patch level

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level shows 'August 5, 2024' or later date
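A small POSIX shell helper, added here and not part of the advisory or any vendor tooling, that reads the property shown above from every connected device and compares it with the August 5, 2024 fix level; it assumes adb is on PATH and the devices are authorized for USB debugging.

```shell
#!/bin/sh
# Added example (not vendor code): compare ro.build.version.security_patch
# with the CVE-2024-34740 fix level. Assumes adb is on PATH and the devices
# are authorized for debugging.
FIX_LEVEL="2024-08-05"   # "August 5, 2024" as the property reports it

# Return 0 when LEVEL (YYYY-MM-DD) is at or after FIX_LEVEL, 1 when older,
# 2 when empty or malformed, so an unreadable property never counts as fixed.
patch_level_is_fixed() {
    level="$1"
    case "$level" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) return 2 ;;
    esac
    # Strip the dashes and compare the dates as integers (e.g. 20240805).
    have=$(printf '%s' "$level" | tr -d '-')
    want=$(printf '%s' "$FIX_LEVEL" | tr -d '-')
    if [ "$have" -lt "$want" ]; then
        return 1
    fi
    return 0
}

# Query one device by serial and print a verdict line.
check_device() {
    serial="$1"
    level=$(adb -s "$serial" shell getprop ro.build.version.security_patch 2>/dev/null | tr -d '\r\n')
    if patch_level_is_fixed "$level"; then
        echo "$serial: security patch $level -> at or after fix level, CVE-2024-34740 patched"
    else
        echo "$serial: security patch '${level:-unreadable}' -> NOT verified patched"
    fi
}

# Walk every connected, authorized device ("device" state only; this skips
# "unauthorized" and "offline" entries, which cannot be queried).
main() {
    adb devices | awk 'NR > 1 && $2 == "device" { print $1 }' | while read -r serial; do
        check_device "$serial"
    done
}

if command -v adb >/dev/null 2>&1; then
    main
fi
```

A device reporting an unreadable or malformed level is listed as not verified rather than as fixed, so it still shows up for follow-up.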

📡 Detection & Monitoring

Log Indicators:

  • Unusual XML parsing errors in system logs
  • Suspicious app behavior attempting to access system resources

Network Indicators:

  • Not applicable - local vulnerability

SIEM Query:

Not applicable for typical SIEM monitoring as this is a local device vulnerability
