CVE-2024-0014 — In startInstall of UpdateFetcher.java, there is a possible way to trigger a malicious config update due to a logic error. This could lead to local escalation of privilege with no additional execution — CVE Database · The Intelligence Room