Android warns of Qualcomm exploit in latest security bulletin | CyberScoop<\/title> <meta name=\"description\" content=\"The November security bulletin warns of a bug in Qualcomm chipsets via a use-after-free vulnerability in its FastRPC driver.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/2024-android-security-bulletin-november-qualcomm-fastrpc-driver\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Android warns of Qualcomm exploit in latest security bulletin\"> <meta property=\"og:description\" content=\"The November security bulletin warns of a bug in Qualcomm chipsets via a use-after-free vulnerability in its FastRPC driver.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/2024-android-security-bulletin-november-qualcomm-fastrpc-driver\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-11-04T23:34:04+00:00\"> <meta property=\"article:modified_time\" content=\"2024-11-04T23:34:07+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/android-warns-of-qualcomm-exploit-in-latest-security-bulletin-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1282\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Christian Vasquez\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@chrismvasq\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1729616464g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1728928671g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1729103471g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=ada0ad45b21fc79c6694\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/82434\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.6.2\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=82434\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2F2024-android-security-bulletin-november-qualcomm-fastrpc-driver%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2F2024-android-security-bulletin-november-qualcomm-fastrpc-driver%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-82434 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/2024-android-security-bulletin-november-qualcomm-fastrpc-driver\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"24.350253807107\">\n<div class=\"single-article__header-content\" readability=\"32.471098265896\">\n<p> The November security bulletin includes two CVE’s reportedly exploited in the wild. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/82434\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"427\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/android-warns-of-qualcomm-exploit-in-latest-security-bulletin.jpg?resize=640%2C427&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/android-warns-of-qualcomm-exploit-in-latest-security-bulletin-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/android-warns-of-qualcomm-exploit-in-latest-security-bulletin-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/android-warns-of-qualcomm-exploit-in-latest-security-bulletin-2.jpg?resize=768,513 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/android-warns-of-qualcomm-exploit-in-latest-security-bulletin-2.jpg?resize=1024,684 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/android-warns-of-qualcomm-exploit-in-latest-security-bulletin-2.jpg?resize=1536,1026 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/android-warns-of-qualcomm-exploit-in-latest-security-bulletin-2.jpg?resize=600,401 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/android-warns-of-qualcomm-exploit-in-latest-security-bulletin-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/android-warns-of-qualcomm-exploit-in-latest-security-bulletin-2.jpg?resize=505,337 505w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/android-warns-of-qualcomm-exploit-in-latest-security-bulletin-2.jpg?resize=1011,675 1011w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/android-warns-of-qualcomm-exploit-in-latest-security-bulletin-2.jpg?resize=1263,843 1263w\" sizes=\"(max-width: 1011px) 100vw, 1011px\"><figcaption> Screen of smartphone with icons. (Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"25.87037037037\"><body readability=\"53.471783295711\"><\/p>\n<p>Android\u2019s <a href=\"https:\/\/source.android.com\/docs\/security\/bulletin\/2024-11-01\">monthly security bulletin<\/a> published Monday warns of two vulnerabilities with \u201climited, targeted exploitation\u201d in the wild.<\/p>\n<p>One vulnerability impacts Qualcomm chipsets via a use-after-free vulnerability in its FastRPC driver. Designated as <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-43047\">CVE-2024-43047<\/a>, the bug was reported to be under active exploitation <a href=\"https:\/\/docs.qualcomm.com\/product\/publicresources\/securitybulletin\/october-2024-bulletin.html\">in early October<\/a> and is rated \u201chigh\u201d severity with a CVSS score of 7.8.<\/p>\n<p>A FastRPC driver is a piece of software in Qualcomm\u2019s chip design that helps the main processor talk to the digital signal processor (DSP) using the FastRPC protocol. This driver handles data transfer and remote commands, letting apps use the DSP\u2019s special processing power effectively for tasks like processing media, running machine learning, and other demanding applications.<\/p>\n<p>Although victims have not yet been made public, Qualcomm <a href=\"https:\/\/docs.qualcomm.com\/product\/publicresources\/securitybulletin\/october-2024-bulletin.html\">cited researchers<\/a> at Google\u2019s Threat Analysis Group for the indications of exploitation which was <a href=\"https:\/\/techcrunch.com\/2024\/10\/09\/hackers-were-targeting-android-users-with-qualcomm-zero-day\/\">later confirmed<\/a> by Amnesty International\u2019s Security Lab.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Qualcomm said in an emailed statement that the company commends \u201cthe researchers from Google Project Zero and Amnesty International Security Lab for using coordinated disclosure practices.\u201d<\/p>\n<p>\u201cRegarding their FastRPC driver research, fixes have been made available to our customers as of September 2024. We encourage end users to apply security updates as they become available from device makers,\u201d Qualcomm said.<\/p>\n<p>Neither Google nor the Security Lab at Amnesty International responded to requests for comment. The involvement of the human rights group could be an indication that either state-backed hacking or surveillance activity may be at the center of the narrow campaign.<\/p>\n<p>Monday\u2019s security bulletin also included another vulnerability \u2014 <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-43093\">CVE-2024-43093<\/a> \u2014 which Google claims is also under exploitation. However, the vulnerability is currently in the process of being formally reviewed and documented, so no further details have been released.<\/p>\n<p>Kern Smith, vice president of global sales engineering at the mobile cybersecurity firm Zimperium, said attackers are increasingly targeting employee devices to access corporate data and exploit supply chains. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cIt\u2019s really a matter of when their devices or apps will be exposed to some level of vulnerability,\u201d Smithsaid. \u201cMobile devices face the same or similar challenges like any other end point, especially when they\u2019re critical to our personal and also to our professional lives.\u201d<\/p>\n<p>Smith added that targeting mobile hardware is an increasingly common attack method.<br \/>There were 44 CVEs fixed in total. You can see the full list on <a href=\"https:\/\/source.android.com\/docs\/security\/bulletin\/2024-11-01\">Android\u2019s website<\/a>.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"1.3972602739726\">\n<div class=\"author-card\" readability=\"9\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/android-warns-of-qualcomm-exploit-in-latest-security-bulletin-1.jpg?w=640&ssl=1\" alt=\"Christian Vasquez\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Christian Vasquez<\/h4>\n<p> Christian covers industrial cybersecurity for CyberScoop News. He previously wrote for E&E News at POLITICO covering cybersecurity in the energy sector. Reach out: christian.vasquez at cyberscoop dot com <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Geopolitics<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/2024-android-security-bulletin-november-qualcomm-fastrpc-driver\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Android warns of Qualcomm exploit in latest security bulletin |<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3035,2491,1468,3036,256,288,2281,703,1170],"tags":[3037,2493,1470,3038,262,294,2283,705,1171],"class_list":["post-6086","post","type-post","status-publish","format-standard","hentry","category-amnesty-international","category-android","category-google-threat-analysis-group","category-qualcomm","category-research","category-threats","category-vulnerability","category-vulnerability-disclosure","category-zero-days","tag-amnesty-international","tag-android","tag-google-threat-analysis-group","tag-qualcomm","tag-research","tag-threats","tag-vulnerability","tag-vulnerability-disclosure","tag-zero-days"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/amnesty-international\/\" rel=\"category tag\">Amnesty International<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/android\/\" rel=\"category tag\">Android<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/google-threat-analysis-group\/\" rel=\"category tag\">Google Threat Analysis Group<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/qualcomm\/\" rel=\"category tag\">Qualcomm<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/research\/\" rel=\"category tag\">Research<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vulnerability\/\" rel=\"category tag\">vulnerability<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vulnerability-disclosure\/\" rel=\"category tag\">vulnerability disclosure<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/zero-days\/\" rel=\"category tag\">zero-days<\/a>","tag_info":"zero-days","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/6086","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=6086"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/6086\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=6086"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=6086"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=6086"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":6086,"date":"2024-11-04T17:34:04","date_gmt":"2024-11-04T23:34:04","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=82434"},"modified":"2024-11-04T17:34:04","modified_gmt":"2024-11-04T23:34:04","slug":"android-warns-of-qualcomm-exploit-in-latest-security-bulletin","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/11\/04\/android-warns-of-qualcomm-exploit-in-latest-security-bulletin\/","title":{"rendered":"Android warns of Qualcomm exploit in latest security bulletin"},"content":{"rendered":"