Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Qualcomm Alerted to Possible Zero-Day Exploited in Targeted Attacks

Google and Amnesty have seen evidence that a Qualcomm chipset vulnerability tracked as CVE-2024-43047 may be exploited in the wild.

Qualcomm zero-day

Qualcomm on Monday published a security advisory addressing 20 vulnerabilities found and patched in its products, including what appears to be a zero-day.

The potential zero-day is tracked as CVE-2024-43047 and the vendor says “there are indications from Google Threat Analysis Group that CVE-2024-43047 may be under limited, targeted exploitation”. 

Qualcomm’s advisory describes CVE-2024-43047 as a high-severity use-after-free issue in the DSP service.

Seth Jenkins, the Google Project Zero researcher credited for finding the vulnerability, said on X that Amnesty International and Google’s Threat Analysis Group (TAG) have found evidence of potential in-the-wild exploitation

The researcher noted that “hopefully the bug will be patched on Android devices very soon”. The October 2024 security bulletin for Android was published on Monday, but it does not mention CVE-2024-43047.

No information has been shared on the attacks that may involve exploitation of CVE-2024-43047. However, the fact that it was reported by representatives of Google and Amnesty suggests that it has likely been exploited by a commercial spyware vendor against Android devices.

According to Qualcomm, CVE-2024-43047 affects over 60 chipsets, including FastConnect, QCA, QCS, Video Collaboration, SA, SD, SG, Snapdragon, SW, SXR, WCD, WCN, and WSA series products. 

The flaw was reported to Qualcomm in late July and a patch was recently created, but it will take significant time for the patch to reach end user devices and many systems that are not regularly updated will never receive the fix.

Advertisement. Scroll to continue reading.

It’s not uncommon for Qualcomm chipset vulnerabilities to be exploited in attacks. According to data from CISA’s Known Exploited Vulnerabilities (KEV) catalog, this is the eighth exploited Qualcomm flaw found since 2021.  

Related: Google Patches Android Zero-Day Exploited in Targeted Attacks

Related: Android’s September 2024 Update Patches Exploited Vulnerability

Related: Android Security Update Patches Kernel Vulnerability Exploited by Spyware Vendor

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Jared Bartel has been named CISO at Idaho State University.

Automated phishing protection and scam prevention company Bolster has appointed Rod Schultz as CEO.

Bugcrowd has appointed Trey Ford as CISO for the Americas.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.