Now-Patched Android Zero-Day Actively Exploited For Targeted Attacks cardmafiamn, ferum-shopsu
Heads up, Android users. A new zero-day is under active exploitation in the wild targeting Android users. Since the bug has already received the fix, make sure to update your Android devices at the earliest.
Reportedly, a serious Android zero-day has attracted the attention of criminal hackers for targeted attacks.
This vulnerability, CVE-2020-11261, is a high-severity bug and has received a CVSS score of 8.4. It exploits the Qualcomm chipsets, more precisely, the Graphics component for display.
The bug is basically an improper input validation issue. As described in Qualcomm’s advisory ,
Memory corruption due to improper check to return error when user application requests memory allocation of a huge size.
The vulnerability first caught the attention of the Google Android Security team in July 2020. They then reported the matter to Qualcomm for a fix.
Recently, Qualcomm has patched the vulnerability in January 2021 that Google mentioned in its Android Security Bulletin for January 2021. The tech giant didn’t reveal technical details of this vulnerability to avoid further exploitation. Yet, it confirmed the active exploitation of this bug.
There are indications that CVE-2020-11261 may be under limited, targeted exploitation.
Despite being serious, the vulnerability has a limitation of local access to the target device. Hence, it rules out the possibilities of remote attacks (easily) that may wage massive hacking campaigns.
However, the bug still went under attack as the hackers are exploiting it to specifically aim at certain targets.
Also, attackers employing watering hole attacks may exploit the vulnerability.
Therefore, Android users should ensure updating their devices with the latest Android Security patch update. While it’s always recommended to keep all devices up-to-date with the latest software, in the case of security bugs, it is even more important.
Whereas, for this zero-day, users should rush to update their Android devices given the active exploitation of the flaw.