Security News > 2024 > November > Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System
2024-11-05 03:30
Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access to "Android/data," "Android/obb," and "Android/sandbox" directories and its sub-directories,
News URL
https://thehackernews.com/2024/11/google-warns-of-actively-exploited-cve.html
Related news
- Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 (source)
- Google OAuth Vulnerability Exposes Millions via Failed Startup Domains (source)
- Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation (source)
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- Google blocked 2.36 million risky Android apps from Play Store in 2024 (source)
- Google Bans 158,000 Malicious Android App Developer Accounts in 2024 (source)
- Google fixes Android kernel zero-day exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-13 | CVE-2024-43093 | Unspecified vulnerability in Google Android In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. | 7.8 |