395/67 Thursday, November 7, 2024
vulnerability in the Android operating system, which is actively being exploited by threat actors. This vulnerability involves privilege escalation within the Android Framework component, and if successfully exploited, it could allow unauthorized access to critical system folders such as ‘Android/data,’ ‘Android/obb,’ and ‘Android/sandbox.’ While Google has not yet disclosed the specifics of these attacks, the company has noted that another vulnerability, CVE-2024-43047, is also being actively exploited.
The CVE-2024-43047 vulnerability is located within the Qualcomm component of the Android system. It is a Use-After-Free (UAF) vulnerability that may lead to memory corruption due to the way the Digital Signal Processor (DSP) handles Direct Memory Access (DMA) File Descriptors in the Buffer of the Header.
Google reported that both vulnerabilities are currently being used in targeted attacks. Additionally, in September, Google addressed a high-severity vulnerability, CVE-2024-32896 (CVSS score: 7.8), which is a privilege escalation flaw within the Android Framework. This vulnerability could be exploited due to a logic error in the code, enabling attackers to gain elevated privileges without authorization.
Source https://securityaffairs.com/170581/uncategorized/cve-2024-43093-android-flaw-actively-exploited.htm