Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System

November 05, 2024 | Ravie Lakshmanan | Mobile Security / Vulnerability

Google has warned that a security flaw affecting its Android operating system has come under active exploitation.

The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access to “Android/data,” “Android/obb,” and “Android/sandbox” directories and their sub-directories, according to a code commit message.

There are currently no details on how the vulnerability is being exploited in real-world attacks, but Google has acknowledged in its monthly bulletin that there are signs indicating it “could be under confined, pointed exploitation.”

The tech giant has also flagged CVE-2024-43047, a now-patched security flaw in Qualcomm chipsets, as having been actively exploited. The flaw is a use-after-free bug in the Digital Signal Processor (DSP) Service, and successful exploitation could lead to memory corruption.

Last month, the chipmaker credited Google Project Zero researchers Seth Jenkins and Conghui Wang with reporting the flaw, and Amnesty International Security Lab with confirming the in-the-wild activity.

The advisory does not provide any specifics about the exploitation activity targeting this flaw or when it might have started; however, it's plausible that the flaw could have been used as part of highly targeted espionage operations aimed at members of civil society.

It is not yet known whether the two security vulnerabilities were combined into an exploit chain to elevate privileges and achieve code execution.

CVE-2024-43093 is the second actively exploited Android Framework flaw after CVE-2024-32896, which Google resolved in June and September 2024. Although it was initially fixed only for Pixel devices, the company later confirmed that the flaw affects the wider Android ecosystem.
