Saturday, April 19, 2025
HomeCVE/vulnerabilityGoogle Warns of a New Android Zero-Day Vulnerability Is Under Active Attack

Google Warns of a New Android Zero-Day Vulnerability Is Under Active Attack

Published on

SIEM as a Service

Follow Us on Google News

Google has recently acknowledged about the threat actors who are using Qualcomm chipset as their weapon to launch different targeted attacks.

Google warns everyone regarding a new zero-day vulnerability that was patched recently, and this new vulnerability is only affecting Android devices. After detecting this new flaw Google tracked this Android vulnerability as CVE-2020-11261.

According to the report of Google, this new flaw mainly focuses on improper input validation issues that are present on Qualcomm’s graphics.

- Advertisement - Google News

However, the chief component of these graphics could easily be exploited, and as a result, it increases the memory corruption when a threat actor request access to a large portion of the memory of the device.

Zero-day flaw

  • CVE ID: CVE-2020-11261
  • CVSS Score: 8.4
  • Severity: High
  • Component: Display

This new Android Zero-day vulnerability CVE-2020-11261 was initially determined by Google’s team of Android Security on July 20, 2020. After detecting the vulnerability, Google has reported this vulnerability to Qualcomm, and later it got fixed in January 2021.

Moreover, the security team also affirmed that they have noticed some implications of CVE-2020-11261 that are might be limited in the targeted exploitation.

Not only this but as we said above that this vulnerability is continuously targeting all the Android devices, and this vulnerability is mainly focusing on improper input validation issues which are accessible in Qualcomm’s graphics.

Flaw in Qualcomm’s graphics component

After investigating the whole vulnerability the analyst of the security team has confirmed that this new Zero-day vulnerability is affecting Qualcomm’s graphics component.

Not only this but the new Zero-day vulnerability also influencing the Qualcomm closed-source components. However, these affected components could be utilized to increase memory corruption when a threat actor directly requests access to a large chunk of the device’s memory. 

Apart from this, the security team of Google has yet not released the identity of the threat actors, also the victims that are targeted in this vulnerability. 

Generally, Google does not share any information regarding the victim or the threat actors, but, here, the main motive of doing this is that Google wants to stop other threat actors from taking any type of advantage.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

How SMBs Can Improve SOC Maturity With Limited Resources

Small and Medium-sized Businesses (SMBs) have become prime targets for cybercriminals, being three times...

How To Detect Obfuscated Malware That Evades Static Analysis Tools

Obfuscated malware presents one of the most challenging threats in cybersecurity today. As static...

How Security Analysts Detect and Prevent DNS Tunneling Attack In Enterprise Networks

DNS tunneling represents one of the most sophisticated attack vectors targeting enterprise networks today,...

How to Conduct a Cloud Security Assessment

Cloud adoption has transformed organizations' operations but introduces complex security challenges that demand proactive...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Critical AnythingLLM Vulnerability Exposes Systems to Remote Code Execution

A critical security flaw (CVE-2024-13059) in the open-source AI framework AnythingLLM has raised alarms across cybersecurity...

PoC Released for Linux Kernel Vulnerability Allowing Privilege Escalation

A security vulnerability, tracked as CVE-2024-53141, has recently come to light in the Linux kernel's...

Bubble.io 0-Day Flaw Lets Attackers Run Arbitrary Queries on Elasticsearch

A vulnerability in Bubble.io, a leading no-code development platform, has exposed thousands of applications...