Android’s monthly security bulletin published Monday warns of two vulnerabilities with “limited, targeted exploitation” in the wild.

One vulnerability impacts Qualcomm chipsets via a use-after-free vulnerability in its FastRPC driver. Designated as CVE-2024-43047, the bug was reported to be under active exploitation in early October and is rated “high” severity with a CVSS score of 7.8.

A FastRPC driver is a piece of software in Qualcomm’s chip design that helps the main processor talk to the digital signal processor (DSP) using the FastRPC protocol. This driver handles data transfer and remote commands, letting apps use the DSP’s special processing power effectively for tasks like processing media, running machine learning, and other demanding applications.

Although no victims have been made public, Qualcomm credited researchers at Google’s Threat Analysis Group for the indications of exploitation, which were later confirmed by Amnesty International’s Security Lab.

Qualcomm said in an emailed statement that the company commends “the researchers from Google Project Zero and Amnesty International Security Lab for using coordinated disclosure practices.”

“Regarding their FastRPC driver research, fixes have been made available to our customers as of September 2024. We encourage end users to apply security updates as they become available from device makers,” Qualcomm said.

Neither Google nor Amnesty International’s Security Lab responded to requests for comment. The involvement of the human rights group could indicate that state-backed hacking or surveillance activity is at the center of the narrow campaign.

Monday’s security bulletin also included another vulnerability — CVE-2024-43093 — which Google says is also under exploitation. However, that vulnerability is still being formally reviewed and documented, so no further details have been released.

Kern Smith, vice president of global sales engineering at the mobile cybersecurity firm Zimperium, said attackers are increasingly targeting employee devices to access corporate data and exploit supply chains.

“It’s really a matter of when their devices or apps will be exposed to some level of vulnerability,” Smith said. “Mobile devices face the same or similar challenges like any other end point, especially when they’re critical to our personal and also to our professional lives.”

Smith added that targeting mobile hardware is an increasingly common attack method.

There were 44 CVEs fixed in total. You can see the full list on Android’s website.

The post Android warns of Qualcomm exploit in latest security bulletin appeared first on CyberScoop.
