Google Warns of a New Android Zero-Day Vulnerability Is Under Active Attack

Google Warns of a New Android Zero-Day Vulnerability Is Under Active Attack

Google has recently acknowledged about the threat actors who are using Qualcomm chipset as their weapon to launch different targeted attacks.

Google warns everyone regarding a new zero-day vulnerability that was patched recently, and this new vulnerability is only affecting Android devices. After detecting this new flaw Google tracked this Android vulnerability as CVE-2020-11261.

According to the report of Google, this new flaw mainly focuses on improper input validation issues that are present on Qualcomm’s graphics.

However, the chief component of these graphics could easily be exploited, and as a result, it increases the memory corruption when a threat actor request access to a large portion of the memory of the device.

Zero-day flaw

  • CVE ID: CVE-2020-11261
  • CVSS Score: 8.4
  • Severity: High
  • Component: Display

This new Android Zero-day vulnerability CVE-2020-11261 was initially determined by Google’s team of Android Security on July 20, 2020. After detecting the vulnerability, Google has reported this vulnerability to Qualcomm, and later it got fixed in January 2021.

Moreover, the security team also affirmed that they have noticed some implications of CVE-2020-11261 that are might be limited in the targeted exploitation.

Not only this but as we said above that this vulnerability is continuously targeting all the Android devices, and this vulnerability is mainly focusing on improper input validation issues which are accessible in Qualcomm’s graphics.

Flaw in Qualcomm’s graphics component

After investigating the whole vulnerability the analyst of the security team has confirmed that this new Zero-day vulnerability is affecting Qualcomm’s graphics component.

Not only this but the new Zero-day vulnerability also influencing the Qualcomm closed-source components. However, these affected components could be utilized to increase memory corruption when a threat actor directly requests access to a large chunk of the device’s memory. 

Apart from this, the security team of Google has yet not released the identity of the threat actors, also the victims that are targeted in this vulnerability. 

Generally, Google does not share any information regarding the victim or the threat actors, but, here, the main motive of doing this is that Google wants to stop other threat actors from taking any type of advantage.


Source: GBHackers

Leave a Reply