Login Sign Up

CVE-2024-43084

5.5 MEDIUM

📋 TL;DR

This CVE describes a confused deputy vulnerability in Android's visitUris function that allows local information disclosure without user interaction. Attackers can exploit this to access sensitive data from other apps or system components. All Android devices running vulnerable versions are affected.

💻 Affected Systems

Products:
  • Android
Versions: Android versions prior to November 2024 security patch
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Affects multiple framework files; all Android devices with vulnerable versions are affected regardless of configuration.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of sensitive user data including credentials, personal information, and app-specific data through unauthorized access to protected content.

🟠

Likely Case

Limited information disclosure of app-specific data or system information that could be used for further attacks or privacy violations.

🟢

If Mitigated

No impact if patched; minimal risk if proper app sandboxing and permission controls are enforced.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring access to the device.
🏢 Internal Only: MEDIUM - Malicious apps or users with physical access could exploit this to access sensitive information.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and ability to execute code; no user interaction needed but attacker needs to bypass app sandboxing.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: November 2024 Android Security Patch or later

Vendor Advisory: https://source.android.com/security/bulletin/2024-11-01

Restart Required: Yes

Instructions:

1. Check for Android system updates in Settings > System > System update. 2. Install November 2024 security patch or later. 3. Reboot device after installation.

🔧 Temporary Workarounds

Restrict app installations

android

Only install apps from trusted sources like Google Play Store to reduce attack surface

Review app permissions

android

Regularly audit and restrict unnecessary app permissions that could be abused

🧯 If You Can't Patch

  • Isolate vulnerable devices from sensitive networks and data
  • Implement strict app whitelisting and disable unknown sources installation

🔍 How to Verify

Check if Vulnerable:

Check Android security patch level in Settings > About phone > Android version > Security patch level

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level shows November 2024 or later date

📡 Detection & Monitoring

Log Indicators:

  • Unusual URI access patterns in system logs
  • Permission violations in security logs

Network Indicators:

  • Not applicable - local vulnerability

SIEM Query:

Not applicable for typical SIEM monitoring of this local Android vulnerability

📊 Metadata

CVE ID: CVE-2024-43084
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE: CWE-1021
Published: November 13, 2024
Last Updated: March 13, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-43084, you might also want to check these:

CVE-2021-23274 9.8

This CVE describes a clickjacking vulnerability in TIBCO API Exchange Gateway's Config UI component ...

Same vulnerability type (CWE-1021)
CVE-2021-21132 9.6

This vulnerability in Chrome DevTools allowed malicious Chrome extensions to escape the browser's se...

Same vulnerability type (CWE-1021)
CVE-2024-10004 9.1

This vulnerability in Firefox for iOS causes the browser to incorrectly display an HTTPS padlock ico...

Same vulnerability type (CWE-1021)