dark
Hand-Picked Top-Read Stories
Trending Tags
2 minute read

Google’s March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities

Avatar
info@thehackernews.com (The Hacker News)
March 3, 2025
Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild. The two high-severity vulnerabilities are listed below – CVE-2024-43093 – A privilege escalation flaw in the Framework component that could result in unauthorized access to “Android/data,” “Android/obb,”
Total
0
Shares
0
0
0
[[{“value”:”

Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild.

The two high-severity vulnerabilities are listed below –

CVE-2024-43093 – A privilege escalation flaw in the Framework component that could result in unauthorized access to “Android/data,” “Android/obb,” and “Android/sandbox” directories, and their respective sub-directories.
CVE-2024-50302 – A privilege escalation flaw in the HID USB component of the Linux kernel that could lead to a leak of uninitialized kernel memory to a local attacker through specially crafted HID reports.

It’s worth noting that CVE-2024-43093 was previously flagged by Google in its security advisory for November 2024 as actively exploited in the wild. It’s not clear what prompted the tech giant to issue the alert a second time.

The Hacker News has reached out to Google for further comment, and we will update the story if we hear back.

CVE-2024-50302, on the other hand, is one of the three vulnerabilities that were chained into a zero-day exploit devised by Cellebrite to break into a Serbian youth activist’s Android phone in December 2024.

The exploit involved the use of CVE-2024-53104, CVE-2024-53197, and CVE-2024-50302 to gain elevated privileges and likely deploy an Android spyware dubbed NoviSpy.

All three vulnerabilities reside in the Linux kernel and were patched late last year. CVE-2024-53104 was addressed by Google in Android last month.

In its advisory, Google acknowledged that both CVE-2024-43093 and CVE-2024-50302 have come under “limited, targeted exploitation.”

The Mountain View-based company has released two security patch levels, 2025-03-01 and 2025-03-05, so as to give flexibility to Android partners to address a portion of vulnerabilities that are similar across all Android devices more quickly.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

“}]] The Hacker News 

Total
0
Shares
Share 0
Tweet 0
Share 0
Share 0
Share 0
Previous Post

Palau health ministry on the mend after Qilin ransomware attack

March 3, 2025
Next Post

Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm

March 3, 2025
Related Posts
2 min

Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk

Meta has warned that a security vulnerability impacting the FreeType open-source font rendering library may have been exploited in the wild. The vulnerability has been assigned the CVE identifier CVE-2025-27363, and carries a CVSS score of 8.1, indicating high severity. Described as an out-of-bounds write flaw, it could be exploited to achieve remote code execution when parsing certain font
Avatar
info@thehackernews.com (The Hacker News)
March 13, 2025
Read More
13 min

⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More

Every week, someone somewhere slips up—and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the perfect entry point. But what happens when the hunters become the hunted? Or when old malware resurfaces with new tricks? Step behind the curtain with us this week as we explore breaches born from routine oversights—and the unexpected
Avatar
info@thehackernews.com (The Hacker News)
March 31, 2025
Read More
3 min

Fake DocuSign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack

Threat hunters are alerting to a new campaign that employs deceptive websites to trick unsuspecting users into executing malicious PowerShell scripts on their machines and infect them with the NetSupport RAT malware. The DomainTools Investigations (DTI) team said it identified "malicious multi-stage downloader Powershell scripts" hosted on lure websites that masquerade as Gitcode and DocuSign. "
Avatar
info@thehackernews.com (The Hacker News)
June 3, 2025
Read More