Android Multiple Vulnerabilities
RISK: Medium Risk
TYPE: Operating Systems - Mobile & Apps
Multiple vulnerabilities were identified in Android. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure, remote code execution and elevation of privilege on the targeted system.
Note:
There are indications that CVE-2024-43093 may be under limited, targeted exploitation.
CVE-2024-50302 is being exploited in the wild. This vulnerability allows an attacker to use a malicious input device to read information from the report buffer. This could be used to leak kernel memory, enabling the exploitation of additional vulnerabilities. Since the exploitation requires physical connection to malicious hardware, the risk level remains Medium.
[Updated on 2025-03-11]
Updated Description and Related Links.
Impact
- Elevation of Privilege
- Denial of Service
- Information Disclosure
- Remote Code Execution
System / Technologies affected
- Android security patch level prior to 2025-03-01
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:
https://source.android.com/docs/security/bulletin/2025-03-01
Vulnerability Identifier
- CVE-2023-21125
- CVE-2024-0032
- CVE-2024-43090
- CVE-2024-43093
- CVE-2024-46852
- CVE-2024-49728
- CVE-2024-49740
- CVE-2024-50302
- CVE-2025-0074
- CVE-2025-0075
- CVE-2025-0078
- CVE-2025-0079
- CVE-2025-0080
- CVE-2025-0081
- CVE-2025-0082
- CVE-2025-0083
- CVE-2025-0084
- CVE-2025-0086
- CVE-2025-0087
- CVE-2025-0092
- CVE-2025-0093
- CVE-2025-22403
- CVE-2025-22404
- CVE-2025-22405
- CVE-2025-22406
- CVE-2025-22407
- CVE-2025-22408
- CVE-2025-22409
- CVE-2025-22410
- CVE-2025-22411
- CVE-2025-22412
- CVE-2025-22413
- CVE-2025-26417
Source
Related Link
Related Tags
Share with