Strix
26.1K

CVE-2024-53701

UnknownEPSS 0.21%

Last modified

CVE-2024-53701 is a vulnerability of currently unknown severity. Multiple FCNT Android devices provide the original security features such as "privacy mode" where arbitrary applications can be set not to be displayed, etc. Under certain conditions, and when an attacker can directly operate the device which its screen is unlocked by a user, the provided security features' setting pages may be exposed and/or the settings may be altered, without authentication. For example, specific applications in the device configured to be hidden may be displayed and/or activated.. EPSS estimates a 0.21% chance of exploitation in the next 30 days.

Description

Multiple FCNT Android devices provide the original security features such as "privacy mode" where arbitrary applications can be set not to be displayed, etc. Under certain conditions, and when an attacker can directly operate the device which its screen is unlocked by a user, the provided security features' setting pages may be exposed and/or the settings may be altered, without authentication. For example, specific applications in the device configured to be hidden may be displayed and/or activated.

Metrics

EPSS Probability
0.21%

10.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

References

Timeline

Published
Last Modified
Status
Deferred

Frequently Asked Questions

What is CVE-2024-53701?
Multiple FCNT Android devices provide the original security features such as "privacy mode" where arbitrary applications can be set not to be displayed, etc. Under certain conditions, and when an attacker can directly operate the device which its screen is unlocked by a user, the provided security features' setting pages may be exposed and/or the settings may be altered, without authentication. For example, specific applications in the device configured to be hidden may be displayed and/or activated.
How severe is CVE-2024-53701?
Severity scoring for CVE-2024-53701 is pending analysis. The EPSS model estimates a 0.21% probability of exploitation in the next 30 days.
How do I fix CVE-2024-53701?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2024-53701?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST