Google has released a warning related to an active exploitation of a vulnerability to its Android users. The vulnerability tracked under the reference CVE-2024-43093 poses a significant threat to Google’s Android framework as it can lead to unauthorized access to sensitive directories. This is a vulnerability in the core Google Play system framework thatunderpins much of the app infrastructure on devices. It is a privilege escalation vulnerability that, on successful exploitation, allows an attacker to access directories like “Android/data,” “Android/obb” and ”Android/sandbox.” along with their subdirectories.
Google, in their monthly newsletter, has acknowledged the limited exploitation of the flaw in the wild, even though the details about the tools and techniques being used as weapons to target the victims are not known as of now.
Last month, the chipmaker recognized Seth Jenkins and Conghui Wang, Google Project Zero researchers, for reporting the flaw and Amnesty International Security Lab for confirming the in-the-wild activity.
The advisory also highlighted another issue that is being actively targeted by malicious actors, CVE-2024-43047, a bug in Qualcomm chipsets. It already has a patch rolled out. So, it is advised that the patch be deployed as soon as possible. The flaw exists in use-after-free vulnerability in the Digital Signal Processor (DSP) Service, and its successful exploitation could lead to memory corruption. The Qualcomm issue has already prompted the US cybersecurity agency to mandate all federal employees (and advise all others) to update their phones on priority.