Headline
Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System
Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access to “Android/data,” “Android/obb,” and “Android/sandbox” directories and its sub-directories,
Mobile Security / Vulnerability
Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access to “Android/data,” “Android/obb,” and “Android/sandbox” directories and its sub-directories, according to a code commit message.
There are currently no details about how the vulnerability is being weaponized in real-world attacks, but Google acknowledged in its monthly bulletin that there are indications it “may be under limited, targeted exploitation.”
The tech giant has also flagged CVE-2024-43047, a now-patched security bug in Qualcomm chipsets, as having been actively exploited. A use-after-free vulnerability in the Digital Signal Processor (DSP) Service, successful exploitation could lead to memory corruption.
Last month, the chipmaker credited Google Project Zero researchers Seth Jenkins and Conghui Wang for reporting the flaw, and Amnesty International Security Lab for confirming the in-the-wild activity.
The advisory offers no details on the exploit activity targeting the flaw or when it might have started, although it’s possible that it may have been leveraged as part of highly targeted spyware attacks aimed at civil society members.
It’s also currently not known if both the security vulnerabilities were fashioned together as an exploit chain to elevate privileges and achieve code execution.
CVE-2024-43093 is the second actively exploited Android Framework flaw after CVE-2024-32896, which was patched by Google back in June and September 2024. While it was originally resolved only for Pixel devices, the company later confirmed that the flaw impacts the broader Android ecosystem.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Related news
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-5910 (CVSS score: 9.3), concerns a case of missing authentication in the Expedition migration tool that
Google has released patches for two zero-days and a lot of other high level vulnerabilities.
Chinese-speaking adversaries are using a fresh Android banking Trojan to take over devices and initiate fraudulent money transfers from financial institutions across Latin America, Italy, Portugal, and Spain.
Plus, a zero-day vulnerability in Qualcomm chips, exposed health care devices, and the latest on the Salt Typhoon threat actor.
Qualcomm has rolled out security updates to address nearly two dozen flaws spanning proprietary and open-source components, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-43047 (CVSS score: 7.8), has been described as a user-after-free bug in the Digital Signal Processor (DSP) Service that could lead to "memory corruption
Google has released its monthly security updates for the Android operating system to address a known security flaw that it said has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-32896 (CVSS score: 7.8), relates to a case of privilege escalation in the Android Framework component. According to the description of the bug in the NIST National
Google has addressed a high-severity security flaw impacting the Android kernel that it has been actively exploited in the wild. The vulnerability, tracked as CVE-2024-36971, has been described as a case of remote code execution impacting the kernel. "There are indications that CVE-2024-36971 may be under limited, targeted exploitation," the tech giant noted in its monthly Android security
Google revealed that a firmware vulnerability in its Pixel devices has been under limited active exploitation