- Description
- In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
- Source
- security@android.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Android Framework Privilege Escalation Vulnerability
- Exploit added on
- Nov 7, 2024
- Exploit action due
- Nov 28, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
on a scale fom 1-10 , @Google, how bad is CVE-2024-43093 if the last update you gave me is from March, and the vulnerability is fixed in November? https://t.co/KkzMLnPLqJ https://t.co/ztmIFHFouz
@xxxDEV1xxx
24 Jan 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google warns of active exploitation of CVE-2024-43093 in Android. This #vulnerability allows unauthorized access to critical directories, emphasizing the need for timely updates and patching processes. Source : https://t.co/HyogMznuCL
@3xxx_301
21 Jan 2025
92 Impressions
0 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
Google warns of active exploitation of CVE-2024-43093 in Android. This #vulnerability allows unauthorized access to critical directories, emphasizing the need for timely updates and patching https://t.co/0miExnsQab https://t.co/Utcmvz9Xh3
@johnwalshiii
20 Jan 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Warns of Active Exploitation of CVE-2024-43093 in Android ! To learn more, read on: https://t.co/nA4H1edrzj https://t.co/nRROcfdU2i #security #pentesting #cybersecurity #website #appsecurity https://t.co/sz4z2h333z
@norsyx
19 Dec 2024
204 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Google warns of active exploitation of CVE-2024-43093 in Android. This #vulnerability allows unauthorized access to critical directories, emphasizing the need for timely updates and patching https://t.co/0miExnsQab https://t.co/DZQlYzKEHP
@johnwalshiii
11 Dec 2024
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 Apache ExternalStorage File Path Filter Bypass (Local Privilege Escalation) - #CVE-2024-43093 (Critical) - Critical https://t.co/cwuypcfZdj
@dailycve
28 Nov 2024
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-43093
@transilienceai
23 Nov 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-43093
@transilienceai
20 Nov 2024
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-43093
@transilienceai
19 Nov 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-43093
@transilienceai
18 Nov 2024
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-43093
@transilienceai
17 Nov 2024
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Advisory on Vulnerability CVE-2024-43093 Exploited in Android Operating System. @NITDANigeria https://t.co/h3EraPnKzS
@theoloriherself
16 Nov 2024
133 Impressions
3 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Advisory on Vulnerability CVE-2024-43093 Exploited in Android Operating System. by @NITDANigeria https://t.co/4kYl0bwAyb
@Adeolaoluw71104
16 Nov 2024
56 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Android users, update phone now! CVE-2024-43093 is being exploited. Protect your device from unauthorized access. https://t.co/ELjbF630Fk
@Ahmed___khaan
15 Nov 2024
477 Impressions
3 Retweets
11 Likes
1 Bookmark
0 Replies
0 Quotes
Android users, update now! CVE-2024-43093 is being exploited. Protect your device from unauthorized access. https://t.co/6PE0IMaCPZ
@__yellows
15 Nov 2024
908 Impressions
7 Retweets
11 Likes
0 Bookmarks
0 Replies
0 Quotes
Advisory on Vulnerability CVE-2024-43093 Exploited in Android Operating System. - Overview. - Impact. - Prevention. Via - @NITDANigeria. https://t.co/kXniDr2ass
@Nawas_masood
15 Nov 2024
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Advisory on Vulnerability CVE-2024-43093 Exploited in Android Operating System. - Overview. - Impact. - Prevention. Via - @NITDANigeria. https://t.co/DeEFeX5Ie3
@zaMusbeyNe_
15 Nov 2024
433 Impressions
13 Retweets
13 Likes
0 Bookmarks
0 Replies
0 Quotes
Important Message From @NITDANigeria : Advisory on Vulnerability CVE-2024-43093 Exploited in Android Operating System. https://t.co/diXdwgJtUE
@Journalist_Mind
15 Nov 2024
70 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Advisory on Vulnerability CVE-2024-43093 Exploited in Android Operating System. https://t.co/9jvcWUR6kL
@_chiefagbabiaka
15 Nov 2024
1312 Impressions
10 Retweets
8 Likes
0 Bookmarks
1 Reply
0 Quotes
Advisory on Vulnerability CVE-2024-43093 Exploited in Android Operating System. https://t.co/fgFuIXVOUm
@NITDANigeria
15 Nov 2024
4485 Impressions
51 Retweets
70 Likes
3 Bookmarks
1 Reply
3 Quotes
🚨 #Android Vulnerability Alert: #CVE-2024-43093 Allows Privilege Escalation (Undercode Analysis) https://t.co/QfqRWTzXmJ
@UndercodeNews
15 Nov 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-43093 In shouldHideDocument of https://t.co/r3tn21m5se, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to in… https://t.co/TAOCmEWUBr
@CVEnew
13 Nov 2024
314 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔥Your daily #security news! Google Warns of Actively Exploited Android Vulnerability! Google has warned that a privilege escalation flaw in the Android Framework component (CVE-2024-43093) is being actively exploited in the wild. The vulnerability could result in unauthorized…
@GuardingPearSof
11 Nov 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Latest Cyber Security News from Cyber Security Park. Google warns of actively exploited CVE-2024-43093 vulnerability in Android system, https://t.co/i5SFARbQMu
@cybersecpark
11 Nov 2024
39 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
3/10🔓Exploit in Android Framework! 🚨 CVE-2024-43093 is actively being exploited in targeted attacks. Protect yourself by staying up to date with the latest security patches. High-value individuals and organizations are particularly at risk!💥#CyberAttack #AndroidExploit
@Eth1calHackrZ
10 Nov 2024
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
2/10 💥 CVE-2024-43093: A Threat to Your Privacy⚠️This Android vulnerability targets critical directories like "Android/data" & "Android/obb". Attackers could steal personal data, install malware, or hijack your device. Stay protected — update your OS immediately!🚫#AndroidFl
@Eth1calHackrZ
10 Nov 2024
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
1/10 Google Warns of Critical Android Flaw! Google has issued a warning about CVE-2024-43093, an actively exploited Android vulnerability. This flaw can give attackers unauthorized access to sensitive user data and even take control of your device. Update now!🔒#AndroidSecurity
@Eth1calHackrZ
10 Nov 2024
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Alert: Active Exploitation of Critical Flaws 🚨 CISA warns of high-risk vulnerabilities: Palo Alto Expedition (CVE-2024-5910) Android (CVE-2024-43093) CyberPanel (CVE-2024-51567) Federal agencies advised to patch by Nov 28. #Cybersecurity #CISA #PaloAlto #Vulnerability ht
@redfoxsec
8 Nov 2024
57 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-43093 is getting exploited #inthewild. Find out more at https://t.co/BBXVZxg337
@inthewildio
8 Nov 2024
80 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨CVE Alert: Android Framework Privilege Escalation Zero-day Vulnerability Exploited In-The-Wild🚨 Vulnerability Details: CVE-2024-43093 (HIGH) Android Framework Privilege Escalation Vulnerability Impact A Successful exploit may allow a remote attacker to gain elevated… https:/
@CyberxtronTech
8 Nov 2024
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Android Security Alert 🚨 Google warns of an actively exploited flaw: CVE-2024-43093 It targets critical directories in Android Framework. Another bug, CVE-2024-43047, hits Qualcomm chips, linked to spyware attacks. #safeyourweb #Hacking #CyberSecurity #Android #Infosec h
@safeyourweb
8 Nov 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google предупредила об активно эксплуатируемой уязвимости в Android Компания Google сообщала, что свежая уязвимость CVE-2024-43093 в операционной системе Android уже активно используется хакерами. Подробнее https://t.co/EwaDlAPxy3 https://t.co/GNBqMMfLxh
@pc7ooo
7 Nov 2024
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2024-43093 #Android #Framework Privilege Escalation Vulnerability https://t.co/y0K4FnHDLY
@ScyScan
7 Nov 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#DOYOUKNOWCVE Android Security Alert! CVE-2024-43093: A high-severity privilege escalation vulnerability in Android’s Framework component, which affects the Documents UI component within Project Mainline. This vulnerability allows attackers to elevate their access privileges,… h
@Loginsoft_Inc
7 Nov 2024
45 Impressions
1 Retweet
3 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Android users, beware! Google has flagged a new vulnerability (CVE-2024-43093) under active attack. Don’t leave your data exposed! 🔒 Check out the full details here: https://t.co/nKfUEgte7C #Cybersecurity #Android #Vulnerability
@StackZeroSec
7 Nov 2024
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
به تازگی گوگل ۴۰ آسیب پذیری که ۲ آسیب پذیری از آنها از نوع Zero Day بوده اند را پچ نموده است. این دو آسیب پذیری دارای کدهای شناسایی CVE-2024-43047 و CVE-2024-43093 می باشند و به هکرها بدون نیاز به سطح دسترسی خاصی امکان اجرای code را می دهند. https://t.co/Y2P1U3epiq https://t.co
@AmirHossein_sec
6 Nov 2024
42 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
آسیب پذیری CVE-2024-43093 اندروید را فورا پچ کنید! https://t.co/DwBE61nGKp
@vulnerbyte
6 Nov 2024
21 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Google предупредила об активно эксплуатируемой уязвимости в Android Компания Google сообщала, что свежая уязвимость CVE-2024-43093 в операционной системе Android уже активно используется хакерами. https://t.co/PeV98R0lEH
@XakepRU
6 Nov 2024
618 Impressions
3 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
Googleは、Androidシステムの特権昇格の脆弱性であるCVE-2024-43093が現在悪用されていることを警告している。 #米国ニュース https://t.co/Lu7znYzoyA
@NaoyukiszB
6 Nov 2024
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Shaking up the technology world with this: Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System - The Hacker News https://t.co/8MXukiUMko
@bens_bot_2396
6 Nov 2024
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Googleは、Androidの権限昇格の脆弱性CVE-2024-43093が、現在悪用されていると警告している。 #米国ニュース https://t.co/Lu7znYzoyA
@NaoyukiszB
6 Nov 2024
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-43093あたりは、実証POCあるんかな。一時rootいける?
@Qpsk1234
6 Nov 2024
189 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Google advierte sobre la vulnerabilidad CVE-2024-43093 que está siendo explotada activamente en el sistema #Android https://t.co/7Mk1jweHwU
@Masterhacks_net
5 Nov 2024
24 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Google has released the November 2024 security updates for Android, addressing two critical zero-day vulnerabilities, CVE-2024-43093 and CVE-2024-43047, which were actively exploited in targeted attacks. These vulnerabilities could enable attackers to execute arbitrary code,… htt
@XArthurDent
5 Nov 2024
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google fixes CVE-2024-43093 in Android OS #Google #Android #CVE-2024-43093 #CVE-2024-43047 https://t.co/k1SijqTW7Q
@pravin_karthik
5 Nov 2024
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System: https://t.co/EpZC27rusb Google has issued a warning regarding the actively exploited CVE-2024-43093 vulnerability in the Android operating system, which allows privilege escalation and… https://t.
@securityRSS
5 Nov 2024
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Une nouvelle vulnérabilité critique vient d'être découverte sur #Android. Après l'alerte de @Qualcomm sur la faille CVE-2024-43047 au début du mois,@Google révèle aujourd'hui la CVE-2024-43093, qui menace vos données personnelles. Mettez votre smartphone à jour ! #Clubic #AyTèk h
@MontissolSteve1
5 Nov 2024
43 Impressions
2 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Google has released the November 2024 Android security update, addressing two actively exploited zero-day vulnerabilities, identified as CVE-2024-43093 and CVE-2024-43047. These vulnerabilities could potentially allow attackers to execute arbitrary code on affected devices.… http
@XArthurDent
5 Nov 2024
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Security alert for Android users! Two zero-day vulnerabilities, CVE-2024-43047 and CVE-2024-43093, are actively being exploited in targeted attacks, prompting a crucial need for immediate updates. 🔹 CVE-2024-43047: A high-severity vulnerability in Qualcomm chipsets (CVSS 7.8)…
@Leighton411
5 Nov 2024
60 Impressions
3 Retweets
2 Likes
0 Bookmarks
2 Replies
0 Quotes
Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System https://t.co/YVaGZE79ii https://t.co/hPBWqQGL7n
@DidierCaradec
5 Nov 2024
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
},
{
"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D"
},
{
"criteria": "cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8538774C-906D-4B03-A3E7-FA7A55E0DA9E"
}
],
"operator": "OR"
}
]
}
]