CVE-2024-43093 (GCVE-0-2024-43093)

Vulnerability from cvelistv5 – Published: 2024-11-13 17:25 – Updated: 2025-10-21 22:55
VLAI CISA KEV
Summary
In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Severity
7.3 (High)
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
SSVC
Exploitation: active Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • Elevation of privilege
  • CWE-176 - Improper Handling of Unicode Encoding
Assigner
References
Impacted products
Vendor Product Version
Google Android Affected: 15
Affected: 14
Affected: 13
Affected: 12L
Affected: 12
Create a notification for this product.
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 1ec72d66-1291-4be7-8894-105a053925fa

Vulnerability ID: CVE-2024-43093

Status: Confirmed

Status Updated: 2024-11-07 00:00 UTC

Exploited: Yes

Timestamps
First Seen: 2024-11-07
Asserted: 2024-11-07
Scope
Notes: KEV entry: Android Framework Privilege Escalation Vulnerability | Affected: Android / Framework | Description: Android Framework contains an unspecified vulnerability that allows for privilege escalation. | Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. | Due date: 2024-11-28 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://source.android.com/docs/security/bulletin/2024-11-01 ; https://nvd.nist.gov/vuln/detail/CVE-2024-43093
Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details
Cwes
Feed CISA Known Exploited Vulnerabilities Catalog
Product Framework
Due Date 2024-11-28
Date Added 2024-11-07
Vendorproject Android
Vulnerabilityname Android Framework Privilege Escalation Vulnerability
Knownransomwarecampaignuse Unknown
References
Created: 2026-02-02 12:26 UTC | Updated: 2026-02-06 07:17 UTC
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.3,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-43093",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:51:45.945968Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-11-07",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-43093"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-176",
                "description": "CWE-176 Improper Handling of Unicode Encoding",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T22:55:36.710Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-43093"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2024-11-07T00:00:00.000Z",
            "value": "CVE-2024-43093 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "15"
            },
            {
              "status": "affected",
              "version": "14"
            },
            {
              "status": "affected",
              "version": "13"
            },
            {
              "status": "affected",
              "version": "12L"
            },
            {
              "status": "affected",
              "version": "12"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to  incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Elevation of privilege",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-26T22:48:33.510Z",
        "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
        "shortName": "google_android"
      },
      "references": [
        {
          "url": "https://android.googlesource.com/platform/frameworks/base/+/7f83c671626f9bf993581f4598c22482d87cba10"
        },
        {
          "url": "https://source.android.com/security/bulletin/2025-03-01"
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.7.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
    "assignerShortName": "google_android",
    "cveId": "CVE-2024-43093",
    "datePublished": "2024-11-13T17:25:14.006Z",
    "dateReserved": "2024-08-05T14:29:53.937Z",
    "dateUpdated": "2025-10-21T22:55:36.710Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2024-43093",
      "dateAdded": "2024-11-07",
      "dueDate": "2024-11-28",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://source.android.com/docs/security/bulletin/2024-11-01 ; https://nvd.nist.gov/vuln/detail/CVE-2024-43093",
      "product": "Framework",
      "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "Android Framework contains an unspecified vulnerability that allows for privilege escalation.",
      "vendorProject": "Android",
      "vulnerabilityName": "Android Framework Privilege Escalation Vulnerability"
    },
    "epss": {
      "cve": "CVE-2024-43093",
      "date": "2026-06-09",
      "epss": "0.00138",
      "percentile": "0.33622"
    },
    "fkie_nvd": {
      "cisaActionDue": "2024-11-28",
      "cisaExploitAdd": "2024-11-07",
      "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "cisaVulnerabilityName": "Android Framework Privilege Escalation Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8FB8EE9-FC56-4D5E-AE55-A5967634740C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"879FFD0C-9B38-4CAA-B057-1086D794D469\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2700BCC5-634D-4EC6-AB67-5B678D5F951D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8538774C-906D-4B03-A3E7-FA7A55E0DA9E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to  incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.\"}, {\"lang\": \"es\", \"value\": \"En shouldHideDocument de ExternalStorageProvider.java, existe una posible omisi\\u00f3n de un filtro de ruta de archivo dise\\u00f1ado para evitar el acceso a directorios confidenciales debido a una normalizaci\\u00f3n incorrecta de Unicode. Esto podr\\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\\u00f3n adicionales. Se necesita la interacci\\u00f3n del usuario para la explotaci\\u00f3n.\"}]",
      "id": "CVE-2024-43093",
      "lastModified": "2024-11-14T21:42:34.923",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
      "published": "2024-11-13T18:15:21.713",
      "references": "[{\"url\": \"https://android.googlesource.com/platform/frameworks/base/+/67d6e08322019f7ed8e3f80bd6cd16f8bcb809ed\", \"source\": \"security@android.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://source.android.com/security/bulletin/2024-11-01\", \"source\": \"security@android.com\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@android.com",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-43093\",\"sourceIdentifier\":\"security@android.com\",\"published\":\"2024-11-13T18:15:21.713\",\"lastModified\":\"2025-10-23T14:52:44.257\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to  incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.\"},{\"lang\":\"es\",\"value\":\"En shouldHideDocument de ExternalStorageProvider.java, existe una posible omisi\u00f3n de un filtro de ruta de archivo dise\u00f1ado para evitar el acceso a directorios confidenciales debido a una normalizaci\u00f3n incorrecta de Unicode. Esto podr\u00eda provocar una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. Se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.3,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.3,\"impactScore\":5.9}]},\"cisaExploitAdd\":\"2024-11-07\",\"cisaActionDue\":\"2024-11-28\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Android Framework Privilege Escalation Vulnerability\",\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-176\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8FB8EE9-FC56-4D5E-AE55-A5967634740C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C64C1583-CDE0-4C1F-BDE6-05643C1BDD72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"879FFD0C-9B38-4CAA-B057-1086D794D469\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2700BCC5-634D-4EC6-AB67-5B678D5F951D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8538774C-906D-4B03-A3E7-FA7A55E0DA9E\"}]}]}],\"references\":[{\"url\":\"https://android.googlesource.com/platform/frameworks/base/+/7f83c671626f9bf993581f4598c22482d87cba10\",\"source\":\"security@android.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://source.android.com/security/bulletin/2025-03-01\",\"source\":\"security@android.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-43093\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.3, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-43093\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-13T17:51:45.945968Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2024-11-07\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-43093\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-11-07T00:00:00.000Z\", \"value\": \"CVE-2024-43093 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-43093\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-176\", \"description\": \"CWE-176 Improper Handling of Unicode Encoding\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-13T17:52:32.443Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Google\", \"product\": \"Android\", \"versions\": [{\"status\": \"affected\", \"version\": \"15\"}, {\"status\": \"affected\", \"version\": \"14\"}, {\"status\": \"affected\", \"version\": \"13\"}, {\"status\": \"affected\", \"version\": \"12L\"}, {\"status\": \"affected\", \"version\": \"12\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://android.googlesource.com/platform/frameworks/base/+/7f83c671626f9bf993581f4598c22482d87cba10\"}, {\"url\": \"https://source.android.com/security/bulletin/2025-03-01\"}], \"x_generator\": {\"engine\": \"cvelib 1.7.1\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to  incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Elevation of privilege\"}]}], \"providerMetadata\": {\"orgId\": \"baff130e-b8d5-4e15-b3d3-c3cf5d5545c6\", \"shortName\": \"google_android\", \"dateUpdated\": \"2025-08-26T22:48:33.510Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-43093\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T22:55:36.710Z\", \"dateReserved\": \"2024-08-05T14:29:53.937Z\", \"assignerOrgId\": \"baff130e-b8d5-4e15-b3d3-c3cf5d5545c6\", \"datePublished\": \"2024-11-13T17:25:14.006Z\", \"assignerShortName\": \"google_android\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.