November 4, 2024 at 10:58PM
Google has identified a security flaw in Android, CVE-2024-43093, which is being actively exploited and allows unauthorized access to sensitive directories. Another flaw, CVE-2024-43047, in Qualcomm chipsets, is also exploited but is now patched. The exact exploitation methods and potential connections between the two vulnerabilities remain unclear.
### Meeting Takeaways
**Date:** November 5, 2024
**Attendee:** Ravie Lakshmanan
**Topic:** Mobile Security / Vulnerability
1. **Security Flaw Identified:**
– Google has reported a security vulnerability in the Android operating system, designated as **CVE-2024-43093**.
– The flaw is classified as a privilege escalation vulnerability within the Android Framework, which allows unauthorized access to directories like “Android/data”, “Android/obb”, and “Android/sandbox”.
2. **Exploitation Status:**
– There are indications that CVE-2024-43093 is “under limited, targeted exploitation” but no specific details on its real-world application have been disclosed.
– This is the second Android Framework flaw to be actively exploited, following **CVE-2024-32896**, which has already been patched.
3. **Related Vulnerability:**
– Google has also flagged **CVE-2024-43047** as actively exploited, relating to a vulnerability in Qualcomm chipsets (a use-after-free issue in the DSP Service), which can lead to memory corruption.
– This flaw was reported by Google’s Project Zero researchers and confirmed by Amnesty International Security Lab as being used in the wild, likely in targeted spyware attacks against civil society members.
4. **Uncertain Exploit Chain:**
– There is no confirmed information if CVE-2024-43093 and CVE-2024-43047 were combined in a chain to escalate privileges or achieve code execution.
5. **Background on Previous Flaw:**
– CVE-2024-32896 was initially patched for Pixel devices, but later identified to affect the wider Android ecosystem.
6. **Recommendations:**
– Stay updated on security patches from Google and monitor for any further developments regarding these vulnerabilities.
### Action Items:
– Follow Google’s updates on security patches.
– Consider further discussions on vulnerability response strategies.