Possible Bypass of File Path Filter Leads to Local Escalation of Privilege
CVE-2024-43093
Key Information
- Vendor
- External Storage Provider
- Status
- Android
- Vendor
- CVE Published:
- 13 November 2024
Badges
Summary
In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CISA Reported
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2024-43093 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
News Articles
ForbesCVE-2024-43093Google Android Deadline—You Have 21 Days To Update Your Phone
Government warns all users to act now as attacks are confirmed to be underway.
1 month ago
Help Net SecurityWeek in review: Zero-click flaw in Synology NAS devices, Google fixes exploited Android vulnerability - Help Net Security
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Millions of Synology NAS devices vulnerable to
1 month ago
Refferences
CVSS V3.1
Timeline
Vulnerability published
CISA Reported
- đź”´
Public PoC available
- đź‘ľ
Exploit known to exist
First article discovered by SecurityWeek