Cyber Posture

CVE-2024-56191

High

Published: 10 March 2025

Published
10 March 2025
Modified
27 June 2025
KEV Added
Patch
CVSS Score 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0002 6.2th percentile
Risk Priority 17 60% EPSS · 20% KEV · 20% CVSS

Description

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Security Summary

CVE-2024-56191 is an integer overflow vulnerability in the `dhd_process_full_gscan_result` function within `dhd_pno.c`, part of the Broadcom Wi-Fi driver implementation in Android. This flaw enables a potential escalation of privilege (EoP) and affects Pixel Watch devices, as detailed in the Android security bulletin for March 2025.

A local attacker can exploit this vulnerability without requiring additional execution privileges (PR:N), user interaction (UI:N), or complex setup (AC:L). Successful exploitation grants high-impact confidentiality, integrity, and availability effects (C:H/I:H/A:H), allowing the attacker to elevate privileges locally on the affected device, with a CVSS v3.1 base score of 8.4.

The Android Security Bulletin for Pixel Watch, dated 2025-03-01 and available at https://source.android.com/docs/security/bulletin/pixel-watch/2025/2025-03-01, addresses this issue with patches. Security practitioners should apply the recommended updates to mitigate the risk of local privilege escalation.

Details

CWE(s)
CWE-281

Affected Products

google
android
all versions

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
attack.mitre.org →
Why these techniques?

Integer overflow in Broadcom Wi-Fi driver enables local privilege escalation on Android device without additional privileges or user interaction.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References