CVE-2024-30059: Microsoft Intune for Android Mobile Application Management Tampering Vulnerability

Overview

Severity: Medium (CVSS 6.1)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L/E:H/RL:O/RC:C
Category: Tampering
Exploit Status: Not Exploited
Exploitation Likelihood: Unlikely
Patch Tuesday: 2024-May
Released: 2024-05-14
EPSS Score: 0.22% (percentile: 44.5%)

FAQ

How could an attacker exploit this vulnerability?

To exploit this vulnerability, an attacker requires access to a rooted target device and must disable certain components of the Intune Mobile Application Manager which do not fully impact availability. An attacker could then gain access to sensitive files based on the targeted device's privileges, but the vulnerability does not provide the ability to alter data.

How do I know if I am affected by this vulnerability?

Customers using Microsoft Intune Mobile Application Management features enabled by the Intune App SDK for Android are affected by this vulnerability. Customers who do not have auto-updates enabled need to update the Intune Company Portal to version 5.0.6215.0 or higher to be protected from this vulnerability.

Affected Products (1)

Apps

  • Microsoft Intune Mobile Application Management for Android

Security Updates (1)

Acknowledgments

Gee Sung with Aon

Revision History

  • 2024-05-14: Information published.