Hackers exploit a zero-day vulnerability found in Qualcomm chipsets, potentially affecting millions worldwide.
The flaw, identified as CVE-2024-43047, is a use-after-free vulnerability resulting from memory corruption in the DSP Services while maintaining memory maps of HLOS memory.
Google’s Threat Analysis Group has flagged this vulnerability under limited, targeted exploitation.
Qualcomm Technologies, Inc. (QTI) has responded by issuing a security bulletin to assist its customers in incorporating necessary security updates into launched or upcoming devices.
Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free
The bulletin details the security issues addressed in QTI’s proprietary code and provides links to publicly available code where these issues have been resolved.
In response to the threat posed by CVE-2024-43047, patches for the affected FASTRPC driver have been made available to Original Equipment Manufacturers (OEMs).
Qualcomm strongly recommends deploying these updates on affected devices as soon as possible to mitigate potential risks.
Users are advised to contact their device manufacturers for specific information on their devices’ patch status.
While there is currently no evidence linking this vulnerability to ransomware campaigns, the potential for misuse remains significant.
Experts urge users to apply remediations or mitigations according to vendor instructions. If such measures are unavailable, discontinuing the affected product is recommended.
This incident underscores the importance of timely security updates and vigilance among manufacturers and users in safeguarding against emerging cyber threats.
As hackers continue to exploit vulnerabilities in widely used technologies, proactive measures remain essential to protect sensitive data and maintain device integrity.
Upgrade Your Cybersecurity Skills With 100+ Premium Cyber Security Courses Online - Enroll Here
Grayscale Investments, a prominent crypto asset manager, has reportedly suffered a data breach affecting 693,635…
A database containing over 1,000 email accounts associated with the National Health Service (NHS) has…
Researchers from Avast have uncovered a vulnerability in the cryptographic schema of the Mallox ransomware,…
A recently discovered vulnerability in Red Hat's NetworkManager, CVE-2024-8260, has raised concerns in the cybersecurity…
Tor Browser 14.0 has been officially launched. It brings significant updates and new features to…
INE Security offers essential advice to protect digital assets and enhance security. As small businesses…