Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

Google’s March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities

The Hacker News by The Hacker News
March 4, 2025
Home Cybersecurity
Share on FacebookShare on Twitter


Mar 04, 2025Ravie LakshmananVulnerability / Mobile Security

Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild.

The two high-severity vulnerabilities are listed below –

  • CVE-2024-43093 – A privilege escalation flaw in the Framework component that could result in unauthorized access to “Android/data,” “Android/obb,” and “Android/sandbox” directories, and their respective sub-directories.
  • CVE-2024-50302 – A privilege escalation flaw in the HID USB component of the Linux kernel that could lead to a leak of uninitialized kernel memory to a local attacker through specially crafted HID reports.

It’s worth noting that CVE-2024-43093 was previously flagged by Google in its security advisory for November 2024 as actively exploited in the wild. It’s not clear what prompted the tech giant to issue the alert a second time.

Cybersecurity

The Hacker News has reached out to Google for further comment, and we will update the story if we hear back.

CVE-2024-50302, on the other hand, is one of the three vulnerabilities that were chained into a zero-day exploit devised by Cellebrite to break into a Serbian youth activist’s Android phone in December 2024.

The exploit involved the use of CVE-2024-53104, CVE-2024-53197, and CVE-2024-50302 to gain elevated privileges and likely deploy an Android spyware dubbed NoviSpy.

All three vulnerabilities reside in the Linux kernel and were patched late last year. CVE-2024-53104 was addressed by Google in Android last month.

In its advisory, Google acknowledged that both CVE-2024-43093 and CVE-2024-50302 have come under “limited, targeted exploitation.”

The Mountain View-based company has released two security patch levels, 2025-03-01 and 2025-03-05, so as to give flexibility to Android partners to address a portion of vulnerabilities that are similar across all Android devices more quickly.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
The Hacker News

The Hacker News

Next Post
Pegatron 5G con socios industriales optimiza las redes privadas en el MWC 2025

Pegatron 5G con socios industriales optimiza las redes privadas en el MWC 2025

Recommended.

2025 Wired, WLAN Gartner Magic Quadrant: Cisco Drops To Challenger, NaaS Specialists Join

2025 Wired, WLAN Gartner Magic Quadrant: Cisco Drops To Challenger, NaaS Specialists Join

July 14, 2025
Gartner: IT leaders need to prepare for GenAI legal issues | Computer Weekly

Gartner: IT leaders need to prepare for GenAI legal issues | Computer Weekly

October 6, 2025

Trending.

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

May 4, 2026
AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

May 1, 2026
Anaconda Extends AI-Native Application Development With Acquisition

Anaconda Extends AI-Native Application Development With Acquisition

May 1, 2026
AWS Solution Provider Caylent Unveils Dedicated Anthropic Claude Unit

AWS Solution Provider Caylent Unveils Dedicated Anthropic Claude Unit

April 30, 2026
Google’s 0 Million Partner Fund Targets AI Agent Era Channel Paradigm Shift

Google’s $750 Million Partner Fund Targets AI Agent Era Channel Paradigm Shift

April 24, 2026

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio