Security News > 2024 > October > Qualcomm zero-day under targeted exploitation (CVE-2024-43047)
2024-10-08 12:18
An actively exploited zero-day vulnerability (CVE-2024-43047) affecting dozens of Qualcomm’s chipsets has been patched by the American semiconductor giant. About CVE-2024-43047 On Monday, Qualcomm has confirmed patches for 20 vulnerabilities affecting both proprietary and open source software running on its various chipsets. Among those is CVE-2024-43047, a use-after-free vulnerability in the Digital Signal Processor (DSP) service that could lead to “memory corruption while maintaining memory maps of [high level operating system (HLOS)] memory.” The vulnerability’s … More → The post Qualcomm zero-day under targeted exploitation (CVE-2024-43047) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/10/08/cve-2024-43047/
Related news
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- Qualcomm patches high-severity zero-day exploited in attacks (source)
- Ivanti fixes three CSA zero-days exploited in the wild (CVE-2024-9379, CVE-2024-9380, CVE-2024-9381) (source)
- Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) (source)
- Qualcomm urges device makers to push patches after 'targeted' exploitation (source)
- Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680) (source)
- CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) (source)
- Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575) (source)
- Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) (source)
- How a Windows zero-day was exploited in the wild for months (CVE-2024-43451) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-07 | CVE-2024-43047 | Use After Free vulnerability in Qualcomm products Memory corruption while maintaining memory maps of HLOS memory. | 7.8 |