CVE-2024-49748

Critical

Published: 21 January 2025

Published

21 January 2025

Modified

22 April 2025

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0560 90.4th percentile

Risk Priority 23 60% EPSS · 20% KEV · 20% CVSS

Description

In gatts_process_primary_service_req of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Security Summary

CVE-2024-49748 is a heap buffer overflow vulnerability stemming from an out-of-bounds write in the gatts_process_primary_service_req function within gatt_sr.cc, part of the Android Bluetooth GATT server component. This flaw affects Android devices with the vulnerable Bluetooth stack implementation. The issue carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-787 (Out-of-bounds Write). It was published on 2025-01-21.

A remote attacker can exploit this vulnerability over the network via Bluetooth without requiring authentication, privileges, or user interaction. Successful exploitation could result in remote code execution on the target device, potentially compromising confidentiality, integrity, and availability.

The Android Security Bulletin for 2025-01-01, available at https://source.android.com/security/bulletin/2025-01-01, details patches addressing this vulnerability in affected Android releases. Security practitioners should apply these updates promptly to mitigate the risk.

Details

CWE(s): CWE-787

Affected Products

google

android

12.0, 12.1, 13.0, 14.0, 15.0

References

https://source.android.com/security/bulletin/2025-01-01
Vendor Advisory · security@android.com