CVE-2024-43770

High

Published: 21 January 2025

Published

21 January 2025

Modified

22 April 2025

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0004 13.1th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Description

In gatts_process_find_info of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Security Summary

CVE-2024-43770 is a vulnerability involving an out-of-bounds write due to a missing bounds check in the gatts_process_find_info function of gatt_sr.cc. This issue affects the Android Bluetooth GATT server component.

The vulnerability enables remote proximal or adjacent code execution with no additional execution privileges required and no user interaction needed. Per the CVSS v3.1 score of 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), an unauthenticated attacker within Bluetooth range can exploit it with low complexity to gain high-impact control over confidentiality, integrity, and availability.

The Android Security Bulletin for January 2025 at https://source.android.com/security/bulletin/2025-01-01 details patches addressing this CVE in supported Android versions.

Details

CWE(s): CWE-94

Affected Products

google

android

12.0, 12.1, 13.0, 14.0, 15.0

References

https://source.android.com/security/bulletin/2025-01-01
Vendor Advisory · security@android.com