Wednesday, April 2 2025

Update Alert!
Google Warns of Critical Android Vulns Under Attack

Google’s March 2025 Android Security Bulletin has unveiled two critical vulnerabilities—CVE-2024-43093 and CVE-2024-50302—currently under limited, targeted exploitation. These flaws affect Android versions 12 to 15, posing increasing risks for billions of devices.

The bulletin requires the immediate installation of the 2025-03-05 security patch to address remote code execution and privilege escalation vulnerabilities.

Two Critical Android Vulnerabilities

CVE-2024-43093: System Component Privilege Escalation

This vulnerability, rated CVSS 7.8, allows malicious apps to bypass Android’s sandboxing due to improper validation of inter-process communication (IPC) messages. Attackers can exploit weak permission checks in the System component to access restricted directories, such as Android/data and Android/sandbox, gaining unauthorized control over sensitive operations.

The November 2024 patch restricts directory permissions and validates IPC inputs, but many devices remain vulnerable due to slow updates from OEMs, especially those depending on third-party manufacturers.

CVE-2024-50302: Linux Kernel HID Core Memory Leak

A severe vulnerability in the Linux kernel’s Human Interface Device (HID) subsystem, identified as CVE-2024-50302, enables unauthenticated attackers to access uninitialized kernel memory through specially crafted USB HID reports.

The issue arises because the kernel does not zero-initialize the report_buffer during allocation, allowing sensitive data like encryption keys or authentication tokens to be exposed. In December 2024, Serbian authorities exploited this vulnerability, along with CVE-2024-53104 (UVC driver overflow), to unlock a student activist’s device.
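The allocation flaw described above, reduced to a userspace C model as an added example (not kernel code and not taken from the bulletin): a buffer drawn from reused memory is only partly overwritten and then returned in full, with and without zeroing. The names `alloc_raw`, `previous_user` and `read_report`, the one-slot slab and the partly filled report are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define SLAB_SIZE 64
static unsigned char slab[SLAB_SIZE];   /* reused memory, never cleared on release */

/* Models a non-zeroing allocation: old contents are still in the buffer. */
static unsigned char *alloc_raw(size_t len)
{
    return len <= SLAB_SIZE ? slab : NULL;
}

/* An earlier user of the same memory leaves sensitive bytes behind (constructed). */
static void previous_user(void)
{
    static const char secret[] = "SECRET-KEY-MATERIAL-(constructed)";
    memcpy(alloc_raw(SLAB_SIZE), secret, sizeof(secret));
}

/* The device fills only `got` bytes, yet the whole `len`-byte buffer is handed
 * to the caller. Returns how many stale non-zero bytes past `got` reach `out`,
 * or (size_t)-1 on bad sizes. `zeroed` selects the hardened behaviour. */
static size_t read_report(int zeroed, const unsigned char *dev, size_t got,
                          unsigned char *out, size_t len)
{
    unsigned char *buf = alloc_raw(len);
    size_t i, stale = 0;

    if (!buf || got > len)
        return (size_t)-1;
    if (zeroed)
        memset(buf, 0, len);    /* the fix: clear the buffer when it is allocated */
    memcpy(buf, dev, got);      /* report data covers only part of the buffer */
    memcpy(out, buf, len);      /* the full buffer is returned to the caller */
    for (i = got; i < len; i++)
        stale += out[i] != 0;
    return stale;
}

int main(void)
{
    const unsigned char dev[4] = {1, 2, 3, 4};
    unsigned char out[32];

    previous_user();
    printf("raw:    %zu stale bytes\n", read_report(0, dev, 4, out, 32));
    previous_user();
    printf("zeroed: %zu stale bytes\n", read_report(1, dev, 4, out, 32));
    return 0;
}
```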

Kaspersky reports a 300% increase in Android attacks since January 2025, with CVE-2024-43093 associated with state-sponsored hackers.
