CVE-2024-49742

7.8 HIGH

📋 TL;DR

A malicious app that has already been granted notification access can hide that grant from the notification-access list in Android Settings, so the user can neither see nor revoke it. It is rated a local escalation of privilege that needs no additional execution privileges, but user interaction is required: the victim must install the app and approve notification access first. Only devices that have not received the January 2025 security patch level are affected.

💻 Affected Systems

Products:
  • Android
Versions: the Android releases listed for this CVE in the January 2025 Android Security Bulletin (see Vendor Advisory below); treat any device whose security patch level is earlier than 2025-01-01 as affected
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: User interaction is required. Notification access is an opt-in special permission, so the attacker's app must be installed and approved by the user before it can hide the grant; the flaw removes the user's ability to undo that approval through Settings.

⚠️ Risk & Real-World Impact

🔴

Worst Case

A malicious app keeps notification access indefinitely, reading every notification the device receives (messages, one-time codes, alerts) and exfiltrating it, while the grant is invisible in Settings so the user has no way to revoke it short of uninstalling the app.

🟠

Likely Case

Malware hides notification access to maintain persistence and avoid detection while stealing sensitive notification content.

🟢

If Mitigated

With proper app vetting and security controls, risk is limited to targeted attacks requiring user interaction.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: No
Weaponized: UNKNOWN
Unauthenticated Exploit: No (local; requires an installed app)
Complexity: MEDIUM

The attacker needs the victim to install the app and approve notification access; the hiding step then needs no further privileges. No public exploit details are available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android security patch level 2025-01-01 or later

Vendor Advisory: https://source.android.com/security/bulletin/2025-01-01

Restart Required: Yes (the system update is applied on reboot)

Instructions:

1. Check the current security patch level under Settings > About phone > Android version > Android security update (menu names vary by manufacturer and Android release).
2. Install the January 2025 or later update via Settings > System > System update and reboot when prompted.
3. Confirm that the security patch level now reads 2025-01-01 or later.

🔧 Temporary Workarounds

Disable notification access for untrusted apps

Android

Review the notification-access list and revoke access for any app you do not recognize or no longer need:

Settings > Apps & notifications > Special app access > Notification access (names vary by Android release and manufacturer; searching Settings for "notification access" finds the screen)

Caveat: this bug exists precisely because a malicious app can remove itself from that list on an unpatched device, so a clean-looking list is not proof of anything. The grant is still recorded in the system setting enabled_notification_listeners; enumerate it over adb rather than trusting the UI, or uninstall the suspect app, which removes the grant with it.

🧯 If You Can't Patch

  • Keep "Install unknown apps" disabled for every source so that only apps from the Play Store (or your enterprise app store) can be installed, and leave Google Play Protect enabled
  • Regularly audit notification access grants and revoke any that are unused or untrusted; on unpatched devices do the audit over adb rather than relying on the Settings list alone

🔍 How to Verify

Check if Vulnerable:

The device is vulnerable if its security patch level is earlier than 2025-01-01. The level is shown under Settings > About phone > Android version > Android security update and is also exposed over adb as the system property ro.build.version.security_patch.

Check Version:

Settings > About phone > Android version > Android security update (menu names vary by manufacturer)

Verify Fix Applied:

Confirm that the security patch level reads 2025-01-01 or later after the update and reboot.
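The following audit script is an added example for the verification steps above and the notification-access workaround earlier on this page; it is not code from the Android bulletin or from this page's author. It assumes adb is on PATH with exactly one authorized device attached, that `settings get secure enabled_notification_listeners` and `cmd notification disallow_listener` behave as on current Android releases, and the ALLOWLIST packages are hypothetical placeholders. The point it demonstrates is that a grant hidden from the Settings UI is still stored in the secure setting, so that is where to enumerate it.

```shell
#!/usr/bin/env sh
# Added example (not from the Android bulletin or this page's author).
# Audits a connected Android device for CVE-2024-49742 over adb:
#   1. reads the security patch level and compares it with the first fixed level
#   2. lists notification-listener grants from the Settings.Secure key
#      enabled_notification_listeners, which the Settings UI cannot hide, and
#      flags any package not on ALLOWLIST (optionally revoking it with REVOKE=1)
# Assumptions: adb is on PATH, exactly one authorized device is attached, and
# `cmd notification disallow_listener` is available (it is on recent releases).
set -u

FIXED_PATCH_LEVEL="2025-01-01"   # patch level that first ships the fix (Jan 2025 bulletin)

# Space-separated package names expected to hold notification access.
# Hypothetical placeholder; replace with the packages you actually approve.
ALLOWLIST="${ALLOWLIST:-com.example.mdm}"

# patch_level_is_fixed LEVEL
# Returns 0 if LEVEL (YYYY-MM-DD, as in ro.build.version.security_patch) is at
# or after FIXED_PATCH_LEVEL, 1 if earlier, 2 if it is empty or malformed.
# ISO dates become comparable integers once the dashes are removed.
patch_level_is_fixed() {
  level_num=$(printf '%s' "$1" | tr -d '-')
  fixed_num=$(printf '%s' "$FIXED_PATCH_LEVEL" | tr -d '-')
  case "$level_num" in ''|*[!0-9]*) return 2 ;; esac
  [ "$level_num" -ge "$fixed_num" ]
}

# unexpected_listeners VALUE
# VALUE is the raw enabled_notification_listeners string: component names
# (package/class, class possibly abbreviated as .Class) separated by ':'.
# Prints one line per component whose package is not on ALLOWLIST.
unexpected_listeners() {
  value="$1"
  [ "$value" = "null" ] && return 0      # 'settings get' prints null when unset
  printf '%s\n' "$value" | tr ':' '\n' | while IFS= read -r comp; do
    [ -z "$comp" ] && continue
    pkg=${comp%%/*}
    case " $ALLOWLIST " in
      *" $pkg "*) ;;                      # approved package, stay quiet
      *) printf '%s\n' "$comp" ;;
    esac
  done
}

# audit_device: talks to the attached device. Only runs when AUDIT=1 so the
# pure functions above can be exercised without a device.
audit_device() {
  level=$(adb shell getprop ro.build.version.security_patch | tr -d '\r')
  if patch_level_is_fixed "$level"; then
    echo "patch level $level: fix for CVE-2024-49742 present"
  else
    echo "patch level ${level:-unknown}: VULNERABLE, the Settings notification-access list may be incomplete"
  fi

  listeners=$(adb shell settings get secure enabled_notification_listeners | tr -d '\r')
  echo "granted listeners: $listeners"
  unexpected_listeners "$listeners" | while IFS= read -r comp; do
    echo "unexpected listener: $comp"
    if [ "${REVOKE:-0}" = 1 ]; then
      # Revokes the grant regardless of whether Settings shows it.
      adb shell cmd notification disallow_listener "$comp"
    fi
  done
}

if [ "${AUDIT:-0}" = 1 ]; then
  audit_device
fi
```

Run it as `AUDIT=1 ALLOWLIST="com.yourmdm com.yourmessenger" sh audit.sh` to report, and add `REVOKE=1` to revoke every grant that is not on the allowlist. Revocation is opt-in because the list legitimately contains things like wearable companions and accessibility tools; review the report before revoking, and prefer uninstalling an app you do not recognise at all.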

📡 Detection & Monitoring

Log Indicators:

  • A new notification-listener grant on a managed device: a component appearing in the enabled_notification_listeners secure setting (or in the listener section of dumpsys notification output) whose package is not on your allowlist
  • On an unpatched device, a grant that is present in that setting but absent from the Settings notification-access screen; a stored-but-hidden grant is the direct fingerprint of this bug being exploited

Network Indicators:

  • Unexpected egress from an app that holds notification access, particularly bursts that follow incoming notifications (messages, one-time codes)

SIEM Query:

Android does not log "user awareness", so alert on the grant itself. Over MDM inventory events (field names such as device_id and package are hypothetical and depend on your MDM): an app install for package P, followed within a short window by P appearing in the device's notification-listener grants, where P is not on the allowlist and did not come from the managed app store. Triage by confirming with the device user whether they approved the grant.
