Google has issued a warning regarding a serious vulnerability in the Android operating system, which has already been exploited by attackers. The vulnerability, known as cve-2024-43093, was discovered in the Android Framework component, and it can result in unauthorized access to directories such as “Android/Data,” “Android/Obb,” and “Android/Sandbox,” along with their subcategories.
While the specifics of how this vulnerability is being exploited are still unknown, Google’s monthly Bulletin indicates that it has been utilized in targeted attacks with limited coverage.
In addition to this, Google has also revealed a second actively exploited vulnerability, cve-2024-43047 (CVSS: 7.8). This vulnerability, which was found in Qualcomm processors and has since been fixed, involves a memory use-after-free error in the digital signal processor service (DSP), which could lead to a successful attack.
The discovery of this vulnerability was made by Google Project Zero researchers Seth Jenkins and Conghui Wang last month, and it has been confirmed to be actively used by employees of Amnesty International.
The official warning does not provide specific details about the exploitation of this vulnerability or when it began to be actively used. There is a possibility that it is being leveraged in espionage attacks targeting individuals in civil society.
It is unclear whether both vulnerabilities are being exploited together to escalate privileges and execute code, which would pose a significant risk to users.
cve-2024-43093 is the second actively exploited vulnerability in the Android Framework recently. In June and September, Google released patches for a similar vulnerability, cve-2024-32896, which initially protected Pixel devices and later a wider range of Android devices.