CVE-2024-49734
Published: 21 January 2025
Summary
CVE-2024-49734 is a high-severity Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) vulnerability in Google Android. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Network Sniffing (T1040); ranked in the top 19.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-31 (Covert Channel Analysis) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2024-49734 is a side-channel information disclosure vulnerability (CWE-200) affecting multiple functions in ConnectivityService.java within the Android Open Source Project. It allows a Wi-Fi access point to determine the websites a device has connected to through a VPN by leaking timing or other side-channel data. The issue enables remote information disclosure with no additional execution privileges required and no user interaction needed, earning a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
An attacker controlling a malicious or compromised Wi-Fi access point can exploit this vulnerability when a victim device connects to it. Exploitation occurs over the network with low complexity, requiring no privileges or user interaction, and results in high-impact confidentiality loss by revealing VPN-protected browsing destinations.
The Android Security Bulletin for 2025-01-01 at https://source.android.com/security/bulletin/2025-01-01 provides details on affected versions and patches for mitigation.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-43699
Vulnerability details
In multiple functions of ConnectivityService.java, there is a possible way for a Wi-Fi AP to determine what site a device has connected to through a VPN due to side channel information disclosure. This could lead to remote information disclosure with…
more
no additional execution privileges needed. User interaction is not needed for exploitation.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Side-channel leak of VPN-protected destinations from Wi-Fi AP enables effective network traffic reconnaissance/sniffing without direct packet access.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Timely flaw remediation directly patches the side-channel vulnerability in ConnectivityService.java, preventing Wi-Fi AP inference of VPN-protected websites.
Covert channel analysis identifies and mitigates timing-based side-channel leaks that allow malicious Wi-Fi APs to disclose VPN browsing destinations.
Wireless access controls restrict and protect connections to untrusted Wi-Fi APs, reducing exposure to side-channel exploitation in ConnectivityService.