CVE-2024-43770Code Injection in Packages Modules Bluetooth

CWE-94Code InjectionCWE-787Out-of-bounds WriteCWE-79Cross-site Scripting7 documents7 sources
Severity
8.8HIGHNVD
CISA6.1
EPSS
0.0%
top 86.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Platform Packages Modules BluetoothPlatform System BTGoogle Android
Timeline
PublishedJan 21
Latest updateAug 23

Description

In gatts_process_find_info of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

Androidplatform/system_bt12:012:2025-01-01+1
Androidplatform/packages_modules_bluetooth15-next:015-next:2025-01-01+3
CVEListV5google/android5 versions+4
NVDgoogle/android5 versions+4

🔴Vulnerability Details

4
GHSA
Liferay Portal vulnerable to Reflected XSS with the referer and forward parameter2025-08-23
GHSA
GHSA-fq6x-64vf-73q4: In gatts_process_find_info of gatt_sr2025-01-22
CVEList
CVE-2024-43770: In gatts_process_find_info of gatt_sr2025-01-21
OSV
CVE-2024-43770: In gatts_process_find_info of gatt_sr2025-01-01

📋Vendor Advisories

2
Android
CVE-2024-43770: Android Security Bulletin 2025-01-01 CVE: CVE-2024-43770 Severity: CRITICAL Type: RCE Affected AOSP versions: 12, 12L, 13, 14, 15 References: A-3640262025-01-01
CISA
Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability2024-02-12
CVE-2024-43770 — Code Injection | cvebase