Sunday, May 19, 2024

Google Warns of a New Android Zero-Day Vulnerability Is Under Active Attack

Google has recently acknowledged about the threat actors who are using Qualcomm chipset as their weapon to launch different targeted attacks.

Google warns everyone regarding a new zero-day vulnerability that was patched recently, and this new vulnerability is only affecting Android devices. After detecting this new flaw Google tracked this Android vulnerability as CVE-2020-11261.

According to the report of Google, this new flaw mainly focuses on improper input validation issues that are present on Qualcomm’s graphics.

However, the chief component of these graphics could easily be exploited, and as a result, it increases the memory corruption when a threat actor request access to a large portion of the memory of the device.

Zero-day flaw

  • CVE ID: CVE-2020-11261
  • CVSS Score: 8.4
  • Severity: High
  • Component: Display

This new Android Zero-day vulnerability CVE-2020-11261 was initially determined by Google’s team of Android Security on July 20, 2020. After detecting the vulnerability, Google has reported this vulnerability to Qualcomm, and later it got fixed in January 2021.

Moreover, the security team also affirmed that they have noticed some implications of CVE-2020-11261 that are might be limited in the targeted exploitation.

Not only this but as we said above that this vulnerability is continuously targeting all the Android devices, and this vulnerability is mainly focusing on improper input validation issues which are accessible in Qualcomm’s graphics.

Flaw in Qualcomm’s graphics component

After investigating the whole vulnerability the analyst of the security team has confirmed that this new Zero-day vulnerability is affecting Qualcomm’s graphics component.

Not only this but the new Zero-day vulnerability also influencing the Qualcomm closed-source components. However, these affected components could be utilized to increase memory corruption when a threat actor directly requests access to a large chunk of the device’s memory. 

Apart from this, the security team of Google has yet not released the identity of the threat actors, also the victims that are targeted in this vulnerability. 

Generally, Google does not share any information regarding the victim or the threat actors, but, here, the main motive of doing this is that Google wants to stop other threat actors from taking any type of advantage.


Latest articles

Norway Recommends Replacing SSLVPN/WebVPN to Stop Cyber Attacks

A very important message from the Norwegian National Cyber Security Centre (NCSC) says that...

New Linux Backdoor Attacking Linux Users Via Installation Packages

Linux is widely used in numerous servers, cloud infrastructure, and Internet of Things devices,...

ViperSoftX Malware Uses Deep Learning Model To Execute Commands

ViperSoftX malware, known for stealing cryptocurrency information, now leverages Tesseract, an open-source OCR engine,...

Santander Data Breach: Hackers Accessed Company Database

Santander has confirmed that there was a major data breach that affected its workers...

U.S. Govt Announces Rewards up to $5 Million for North Korean IT Workers

The U.S. government has offered a prize of up to $5 million for information...

Russian APT Hackers Attacking Critical Infrastructure

Russia leverages a mix of state-backed Advanced Persistent Threat (APT) groups and financially motivated...

Millions Of IoT Devices Vulnerable To Attacks Leads To Full Takeover

Researchers discovered four significant vulnerabilities in the ThroughTek Kalay Platform, which powers 100 million...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles