mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-12 21:42:20 +02:00
marc
760 B
760 B
CVE-2024-0014
Description
In startInstall of UpdateFetcher.java, there is a possible way to trigger a malicious config update due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
POC
Reference
No PoCs from references.