CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-43047

Medium Severity
Qualcomm
SVRS
30/100
CVSSv3
NA/10
EPSS
0.00309/1

CVE-2024-43047 is a memory corruption vulnerability found during the maintenance of HLOS memory maps. This vulnerability could allow an attacker to potentially execute arbitrary code or cause a denial-of-service condition. With an SVRS score of 30, while not critical, this vulnerability should still be addressed promptly. The flaw, categorized as CWE-416 (Use After Free), poses significant risks, especially with actively available exploits targeting it. The presence of tags such as "CISA KEV," "In The Wild," and "Exploit Available" further increases the need for rapid patch implementation, even though the CVSS score is 0, indicating it needs other vulnerabilities to work. While the CVSS indicates low severity, the SOCRadar Vulnerability Risk Score and available exploit show patching the vulnerability is critical to prevent potential security breaches. Failure to address this issue can lead to system instability and exploitation.

TAGS
CISA KEV
In The Wild
Exploit Avaliable
VECTOR STRING
PUBLICATION DATE2024-10-07
LAST MODIFIED2024-10-09
Eye Icon
SOCRadar
AI Insight

Description

CVE-2024-43047 is a memory corruption vulnerability in the memory maps of HLOS memory. This vulnerability has a CVSS score of 7.8, indicating a high severity level. However, SOCRadar's SVRS assigns a score of 40, indicating a moderate risk level. This discrepancy highlights the importance of considering additional factors beyond CVSS when assessing vulnerability severity.

Key Insights

  • Active Exploits: Active exploits have been published for this vulnerability, indicating that it is actively being exploited by hackers.
  • CISA Warning: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about this vulnerability, calling for immediate and necessary measures to mitigate the risk.
  • In The Wild: This vulnerability is actively exploited by hackers, making it a critical threat to organizations.
  • Threat Actors: Specific threat actors or APT groups exploiting this vulnerability have not been identified.

Mitigation Strategies

  • Apply Software Updates: Install the latest software updates from the vendor to patch the vulnerability.
  • Enable Security Controls: Implement security controls such as firewalls, intrusion detection systems, and anti-malware software to prevent exploitation attempts.
  • Monitor Network Traffic: Monitor network traffic for suspicious activity and investigate any anomalies.
  • Educate Users: Educate users about the vulnerability and best practices for protecting against it, such as avoiding suspicious links and attachments.

Additional Information

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

TitleSoftware LinkDate
Qualcomm Multiple Chipsets Use-After-Free Vulnerabilityhttps://www.cisa.gov/search?g=CVE-2024-430472024-10-08
Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

Zero-days among dozens of Android bugs addressed by Google - SC Media
2025-04-08
Zero-days among dozens of Android bugs addressed by Google - SC Media | News Content: April 8, 2025 Google has addressed 62 Android security vulnerabilities, including two actively exploited zero-day flaws, as part of this month's security update, reports BleepingComputer. More significant of the patched zero-days is the high-severity Linux kernel privilege escalation bug, tracked as CVE-2024-53197, which is part of a Cellebrite-developed exploit chain leveraged by Serbian authorities to infiltrate a targeted Android device. Such an exploit chain by the Israeli digital forensics firm also included the recently patched USB Video Class and
google.com
rss
forum
news
Google fixed two actively exploited Android zero-days
Pierluigi Paganini2025-04-08
Google fixed two actively exploited Android zero-days | Google addressed 62 vulnerabilities with the release of Android ‘s April 2025 security update, including two actively exploited zero-days. Google released Android ‘s April 2025 security updates to address 62 vulnerabilities, including two zero-day vulnerabilities (CVE-2024-53197, CVE-2024-53150) exploited in targeted attacks. The vulnerability CVE-2024-53197 is a Linux kernel issue affecting ALSA USB audio. Malicious devices […] Google
securityaffairs.co
rss
forum
news
Cellebrite blocked Serbia from using its solution because misuse of the equipment for political reasons
Pierluigi Paganini2025-02-27
Cellebrite blocked Serbia from using its solution because misuse of the equipment for political reasons | Cellebrite blocked Serbia from using its solution after reports that police used it to unlock and infect the phones of a journalist and activist. A report published by Amnesty International in December 2024 documented the use of Cellebrite’s forensics tools by Serbia police to unlock and install spyware on the phones of a local journalist and […] Cellebrite blocked
securityaffairs.co
rss
forum
news
Google fixed actively exploited kernel zero-day flaw
Pierluigi Paganini2025-02-04
Google fixed actively exploited kernel zero-day flaw | The February 2025 Android security updates addressed 48 vulnerabilities, including a kernel zero-day flaw exploited in the wild. The February 2025 Android security updates addressed 48 vulnerabilities, including a zero-day flaw, tracked as CVE-2024-53104, which is actively exploited in attacks in the wild. “There are indications that CVE-2024-53104 may be under limited, targeted exploitation.” reads Google’s […]
securityaffairs.co
rss
forum
news
The Qualcomm DSP Driver - Unexpectedly Excavating an Exploit
Google Project Zero ([email protected])2025-02-01
t. This, plus an info leak, would be more than enough to achieve code execution or arbitrary read/write.ConclusionIt took less than 3 months of research to discover 6 separate bugs in the adsprpc driver, two of which (CVE-2024-49848 
blogspot.com
rss
forum
news
Yeni Android NoviSpy Casus Yazılımı Qualcomm Zero-Day Açıklarıyla İlişkilendirildi
Görkem Hınçer2024-12-30
Yeni Android NoviSpy Casus Yazılımı Qualcomm Zero-Day Açıklarıyla İlişkilendirildi | Qualcomm Sırbistan hükümeti, Qualcomm’un sıfır-gün (zero-day) açıklarını kullanarak Android cihazları hedef alan yeni bir casus yazılım olan NoviSpy‘ı geliştirdi. Bu yazılım, aktivistleri, gazetecileri ve protestocuları gözetlemek amacıyla kullanıldı. Etkilenen Güvenlik Açığı Qualcomm’a ait CVE-2024-43047 zafiyeti, Ekim 2024’te Google Project Zero tarafından aktif olarak kötüye kullanıldığı belirtilmiş ve Kasım ayında Android cihazlar için bir yama yayınlanmıştı. Amnesty International Güvenlik Laboratuvarı, NoviSpy yazılımını bir gazetecinin telefonunda keşfetti. Bu telefon, polis tarafından el konulduktan sonra sahibine iade edilmişti. NoviSpy ve
siberguvenlik.web.tr
rss
forum
news
Top 10 Daily Cybercrime Brief by FCRF [17.12.2024]: Click here to Know More - The420.in
2024-12-17
Top 10 Daily Cybercrime Brief by FCRF [17.12.2024]: Click here to Know More - The420.in | News Content: By Important global cybercrime news has been curated by FutureCrime Researchers to keep you informed about various types of digital fraud occurring worldwide and to provide insights into the best mitigation strategies. Read below to learn more in detail. 1. Cyber Thugs Use 42 Bank Accounts to Park Rs 50 Crore; Gang Busted Police in Junagadh uncovered a gang facilitating Rs 50 crore cyber fraud transactions using 200+ bank accounts. Money was parked illegally, withdrawn immediately, and routed via hawala networks. Eight arrests were
google.com
rss
forum
news

Social Media

"Just been in a tête-à-tête with Qualcomm's nasty bug, CVE-2024-43047! Here's a reminder, cybersecurity isn't for the faint-hearted. Fancy a spyware attack? Didn't think so! 💻💔 Patch up, mate! @CyberSecStu, ready to rumble? #infosec #mobilesecurity #cyberthreats #PatchTuesday" https://t.co/WjfYmoacvy
0
0
0
🚨 NoviSpy spyware targets journalists & activists in Serbia using Qualcomm zero-day flaws (e.g., CVE-2024-43047). 🔍 Installs via zero-click VoLTE calls 🛑 Targets Android kernel persistently ⚠️ Patch devices now to mitigate! #CyberSecurity #Spyware #ZeroDay
0
0
0
@mclsza CVE-2024-43047 is not relevant to GrapheneOS on the officially supported devices since it's a Qualcomm SoC related vulnerability.
0
0
1
@zarchasmpgmr Various digital wallet NFC exploits w/ OS needing patches Google Pay CVE-2024-43047 & CVE-2024-43093, iOS 0-day CVE-2023-41064 & CVE-2023-41061. CVE-2024-20017 MediaTek chipsets, including MT6890, MT7915, MT7916, MT7981, MT7986, and MT7622, CVE-2024-43461 (Win), CVE-2024-0568
0
0
0
Security alert for Android users! Two zero-day vulnerabilities, CVE-2024-43047 and CVE-2024-43093, are actively being exploited in targeted attacks, prompting a crucial need for immediate updates. 🔹 CVE-2024-43047: A high-severity vulnerability in Qualcomm chipsets (CVSS 7.8)
1
3
2
Urgent Android security updates released for critical vulnerabilities (CVE-2024-43047 & CVE-2024-43093). Qualcomm & Google Play flaws allow privilege escalation; suspected spyware use. Update your device NOW! #Android #SecurityUpdate https://t.co/7ZwY4SCc0C
0
0
0
Android Alarm: CVE-2024-43093 & CVE-2024-43047 Exploited in the Wild! Hot Take: Ah, Android vulnerabilities—the gift that keeps on giving! Just when you thought your phone was safe, a new exploit emerges to ruin your day. If hacking was an Olympic sport, these threat actors https://t.co/S4tNxv0Zhp
0
0
0
🗣 CVE-2024-43047 & CVE-2024-43093: Android Zero-Days Demand Immediate Patching https://t.co/K2b7Tgb0pu
0
0
0
CVE-2024-43047 & CVE-2024-43093: Android Zero-Days Demand Immediate Patching Google's November 2024 security update addresses 40 flaws in Android, including the actively exploited CVE-2024-43093 & CVE-2024-43047 https://t.co/fuXRzvdpzY
0
0
1
Actively exploited CVE : CVE-2024-43047
1
0
0

Affected Software

Configuration 1
TypeVendorProduct
OSQualcommfastconnect_6700_firmware
Configuration 2
TypeVendorProduct
OSQualcommfastconnect_6800_firmware
Configuration 3
TypeVendorProduct
OSQualcommfastconnect_6900_firmware
Configuration 4
TypeVendorProduct
OSQualcommfastconnect_7800_firmware
Configuration 5
TypeVendorProduct
OSQualcommqam8295p_firmware
Configuration 6
TypeVendorProduct
OSQualcommqca6174a_firmware
Configuration 7
TypeVendorProduct
OSQualcommqca6391_firmware
Configuration 8
TypeVendorProduct
OSQualcommqca6426_firmware
Configuration 9
TypeVendorProduct
OSQualcommqca6436_firmware
Configuration 10
TypeVendorProduct
OSQualcommqca6574au_firmware
Configuration 11
TypeVendorProduct
OSQualcommqca6584au_firmware
Configuration 12
TypeVendorProduct
OSQualcommqca6595_firmware
Configuration 13
TypeVendorProduct
OSQualcommqca6595au_firmware
Configuration 14
TypeVendorProduct
OSQualcommqca6688aq_firmware
Configuration 15
TypeVendorProduct
OSQualcommqca6696_firmware
Configuration 16
TypeVendorProduct
OSQualcommqca6698aq_firmware
Configuration 17
TypeVendorProduct
OSQualcommqcs410_firmware
Configuration 18
TypeVendorProduct
OSQualcommqcs610_firmware
Configuration 19
TypeVendorProduct
OSQualcommqcs6490_firmware
Configuration 20
TypeVendorProduct
OSQualcommvideo_collaboration_vc1_firmware
Configuration 21
TypeVendorProduct
OSQualcommvideo_collaboration_vc3_firmware
Configuration 22
TypeVendorProduct
OSQualcommsa4150p_firmware
Configuration 23
TypeVendorProduct
OSQualcommsa4155p_firmware
Configuration 24
TypeVendorProduct
OSQualcommsa6145p_firmware
Configuration 25
TypeVendorProduct
OSQualcommsa6150p_firmware
Configuration 26
TypeVendorProduct
OSQualcommsa6155p_firmware
Configuration 27
TypeVendorProduct
OSQualcommsa8145p_firmware
Configuration 28
TypeVendorProduct
OSQualcommsa8150p_firmware
Configuration 29
TypeVendorProduct
OSQualcommsa8155p_firmware
Configuration 30
TypeVendorProduct
OSQualcommsa8195p_firmware
Configuration 31
TypeVendorProduct
OSQualcommsa8295p_firmware
Configuration 32
TypeVendorProduct
OSQualcommsd660_firmware
Configuration 33
TypeVendorProduct
OSQualcommsd865_5g_firmware
Configuration 34
TypeVendorProduct
OSQualcommsg4150p_firmware
Configuration 35
TypeVendorProduct
OSQualcommsnapdragon_660_mobile_firmware
Configuration 36
TypeVendorProduct
OSQualcommsnapdragon_680_4g_mobile_firmware
Configuration 37
TypeVendorProduct
OSQualcommsnapdragon_685_4g_mobile_firmware
Configuration 38
TypeVendorProduct
OSQualcommsnapdragon_8_gen_1_mobile_firmware
Configuration 39
TypeVendorProduct
OSQualcommsnapdragon_865_5g_mobile_firmware
Configuration 40
TypeVendorProduct
OSQualcommsnapdragon_865\+_5g_mobile_firmware
Configuration 41
TypeVendorProduct
OSQualcommsnapdragon_870_5g_mobile_firmware
Configuration 42
TypeVendorProduct
OSQualcommsnapdragon_888_5g_mobile_firmware
Configuration 43
TypeVendorProduct
OSQualcommsnapdragon_888\+_5g_mobile_firmware
Configuration 44
TypeVendorProduct
OSQualcommsnapdragon_auto_5g_modem-rf_firmware
Configuration 45
TypeVendorProduct
OSQualcommsnapdragon_auto_5g_modem-rf_gen_2_firmware
Configuration 46
TypeVendorProduct
OSQualcommsnapdragon_x55_5g_modem-rf_firmware
Configuration 47
TypeVendorProduct
OSQualcommsnapdragon_xr2_5g_firmware
Configuration 48
TypeVendorProduct
OSQualcommsw5100_firmware
Configuration 49
TypeVendorProduct
OSQualcommsw5100p_firmware
Configuration 50
TypeVendorProduct
OSQualcommsxr2130_firmware
Configuration 51
TypeVendorProduct
OSQualcommwcd9335_firmware
Configuration 52
TypeVendorProduct
OSQualcommwcd9341_firmware
Configuration 53
TypeVendorProduct
OSQualcommwcd9370_firmware
Configuration 54
TypeVendorProduct
OSQualcommwcd9375_firmware
Configuration 55
TypeVendorProduct
OSQualcommwcd9380_firmware
Configuration 56
TypeVendorProduct
OSQualcommwcd9385_firmware
Configuration 57
TypeVendorProduct
OSQualcommwcn3950_firmware
Configuration 58
TypeVendorProduct
OSQualcommwcn3980_firmware
Configuration 59
TypeVendorProduct
OSQualcommwcn3988_firmware
Configuration 60
TypeVendorProduct
OSQualcommwcn3990_firmware
Configuration 61
TypeVendorProduct
OSQualcommwsa8810_firmware
Configuration 62
TypeVendorProduct
OSQualcommwsa8815_firmware
Configuration 63
TypeVendorProduct
OSQualcommwsa8830_firmware
Configuration 64
TypeVendorProduct
OSQualcommwsa8835_firmware

References

ReferenceLink
[email protected]https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html

CWE Details

CWE IDCWE NameDescription
CWE-416Use After FreeReferencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence