{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T00:24:13.896","vulnerabilities":[{"cve":{"id":"CVE-2024-49744","sourceIdentifier":"security@android.com","published":"2025-01-21T23:15:14.880","lastModified":"2025-04-22T14:40:24.940","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In  checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to bypass parcel mismatch mitigation  due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation."},{"lang":"es","value":"En checkKeyIntentParceledCorrectly de AccountManagerService.java, existe una forma posible de evitar la mitigación de la falta de coincidencia de paquetes debido a una deserialización insegura. Esto podría provocar una escalada local de privilegios sin necesidad de permisos de ejecución adicionales. Se necesita la interacción del usuario para la explotación."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*","matchCriteriaId":"F8FB8EE9-FC56-4D5E-AE55-A5967634740C"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*","matchCriteriaId":"C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*","matchCriteriaId":"879FFD0C-9B38-4CAA-B057-1086D794D469"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*","matchCriteriaId":"2700BCC5-634D-4EC6-AB67-5B678D5F951D"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*","matchCriteriaId":"8538774C-906D-4B03-A3E7-FA7A55E0DA9E"}]}]}],"references":[{"url":"https://source.android.com/security/bulletin/2025-01-01","source":"security@android.com","tags":["Vendor Advisory"]}]}}]}