Tracked as CVE-2020-11261 and getting a CVSS score of 8.4, a now-patched vulnerability affecting Android devices that use the Qualcomm chipsets is being weaponized by attackers, according to Google. Google stated on March 18th that there may be limited targeted exploitation of the vulnerability. The exploitation could trigger memory corruption when an attacker-engineered app requests access to a considerable chunk of device memory. The vulnerability was initially reported to Google on July 20th, 2020, and a patch was released in January 2021. The access vector for the vulnerability is “local”, meaning attackers either need physical access to the device or use other means such as a watering-hole attack to gain access. Specifics about the threat actor exploiting the vulnerability and how they are doing it have not been released, which is typical for the Google Security Team, as a means to prevent other actors from taking advantage of the vulnerability.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased