Android: bypass of file path filter (CVE-2024-43093)

CVE

This CVE is a new zero-day vulnerability: a bypass of the file path filter in Google's Android operating system, versions 12 through 15. Incorrect Unicode normalization in ExternalStorageProvider.java allows users to navigate to restricted directories that should remain inaccessible. The flaw can lead to local escalation of privilege without any additional execution privileges, though it does require some user interaction. While no specific attacks have been reported yet, the vulnerability poses a risk to all Android users on the affected versions.
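The failure mode described above, as an added example that is not Android's ExternalStorageProvider code: a filter that compares raw path segments against a deny-list disagrees with a layer that resolves names after Unicode normalization, while a filter that first applies the same normalization does not. The directory names, the NFKC plus lower-case canonical form and the sample paths are assumptions constructed for illustration.

```java
import java.text.Normalizer;
import java.util.Locale;
import java.util.Set;

// Added illustration of the bug class; not code from Android.
public class PathFilterDemo {
    // Hypothetical restricted directory names (constructed for this example).
    private static final Set<String> HIDDEN = Set.of("private", "secrets");

    // Assumption: the layer that finally resolves a name treats it as
    // NFKC-normalized and case-folded, so this is the form to filter on.
    static String canonical(String segment) {
        return Normalizer.normalize(segment, Normalizer.Form.NFKC)
                .toLowerCase(Locale.ROOT);
    }

    // Weak form: case-folds the raw segment but never normalizes it, so a
    // name that only becomes "private" after normalization is not hidden.
    static boolean shouldHideWeak(String path) {
        for (String segment : path.split("/")) {
            if (HIDDEN.contains(segment.toLowerCase(Locale.ROOT))) {
                return true;
            }
        }
        return false;
    }

    // Hardened form: decides on the same canonical form the resolver uses.
    static boolean shouldHideHardened(String path) {
        for (String segment : path.split("/")) {
            if (HIDDEN.contains(canonical(segment))) {
                return true;
            }
        }
        return false;
    }

    public static void main(String[] args) {
        // Constructed inputs; the last one spells "private" with U+FF50
        // (fullwidth 'p'), which NFKC maps to ASCII 'p'.
        String[] samples = {"docs/report.txt", "Private/key.txt", "\uFF50rivate/key.txt"};
        for (String path : samples) {
            System.out.println(canonical(path) + " weak=" + shouldHideWeak(path)
                    + " hardened=" + shouldHideHardened(path));
        }
    }
}
```

The two filters agree on the first two inputs and differ only on the third, which is the case a review of any path deny-list should test for.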

CVE database technical details

CVE ID: CVE-2024-43093
Description: In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect Unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Provider: google_android
CWE / problem types: Elevation of privilege
Affected Software Versions: Google Android 15, 14, 13, 12 (status: affected)
Date Published: 2024-11-13T17:25:14.006Z
Last Updated: 2024-11-13T19:45:19.984Z