{"uuid": "56bf58ff-19f5-4301-bbcc-7bcb0c2e9cc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49744", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2549", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49744\n\ud83d\udd39 Description: In  checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to bypass parcel mismatch mitigation  due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.\n\ud83d\udccf Published: 2025-01-21T23:04:44.166Z\n\ud83d\udccf Modified: 2025-01-22T14:40:59.296Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/2025-01-01", "creation_timestamp": "2025-01-22T15:03:09.000000Z"}