July 1, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Researchers Discover Flaws in Open-Source AI and ML Frameworks
October 30, 2024APT35 aka Charming Kitten – Active IOCs
October 30, 2024Researchers Discover Flaws in Open-Source AI and ML Frameworks
October 30, 2024APT35 aka Charming Kitten – Active IOCs
October 30, 2024
Severity
Medium
Analysis Summary
CVE-2024-47034 CVSS:5.1
there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-47030 CVSS:6.2
Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ACPM component.
CVE-2024-47025 CVSS:4
Google Android could allow a local attacker to obtain sensitive information, caused by a logic error in the code in ppmp_protect_buf of drm_fw.c. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.
Impact
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-47034
- CVE-2024-47030
- CVE-2024-47025
Affected Vendors
Google
Affected Products
- Google Android - Android kernel
Remediation
Upgrade to the latest version of Android, available from the Google Website.