Active Exploitation of High-Severity Vulnerability in Android Devices

Published on 06 Oct 2023

Google has released security updates to address a high-severity vulnerability (CVE-2023-4863) in their Android devices. The vulnerability is reportedly being actively exploited.

 

Successful exploitation of the heap buffer overflow vulnerability in libwebp could allow a remote attacker to execute an out of bounds memory write via a crafted HTML page.

 

The vulnerability affects versions Android 10 to 13.

 

Users and administrators of affected versions are advised to upgrade to the latest version immediately.

 

More information is available here:

https://source.android.com/docs/security/bulletin/2023-10-01

https://www.malwarebytes.com/blog/news/2023/10/update-your-android-devices-now-google-patches-two-actively-exploited-vulnerabilities

https://www.bleepingcomputer.com/news/security/android-october-security-update-fixes-zero-days-exploited-in-attacks/

Tags
Alerts Alerts & Advisories
Share