Multiple Vulnerabilities in Google Android OSCould Allow for Remote Code Execution

Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution with no additional execution privileges needed. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context of the affected service account. Depending on the privileges associated with the service account, threat actors could install programs; view, change, or delete data; or create new accounts with full user rights. Service accounts that are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Threat Intelligence Google indicates limited, targeted exploitation of CVE-2024-43093 and CVE-2024-50302.

Systems Affected

Android OS patch levels prior to 2025-03-05

Risk
Government: – Large and medium government entities: High – Small government entities: High

Businesses: – Large and medium business entities: High
– Small business entities: High

Home Users: Low

Recommendations

Apply appropriate mitigations provided by Google to vulnerable systems immediately after appropriate testing. Use capabilities to detect and block conditions that may lead to or be indicative of a software exploit occurring. Restrict execution of code to a virtual environment on or in transit to an endpoint system.

Reference
Android:
https://source.android.com/docs/security/bulletin/2025-03-01