Hackers exploit fixed in January Android vulnerability

Google specialists discovered that hackers exploit in real attacks on a limited number of users a vulnerability in Android that is already known and fixed in January.

We are talking about the vulnerability CVE-2020-11261 in the Qualcomm graphics component, which is present in all Android devices that use Qualcomm chipsets, and was fixed in January this year.

The vulnerability could trigger a memory corruption error when a malicious application requests access to a large portion of the device’s memory. However, it can only be exploited locally, that is, an attacker can deliver his malicious code to the system only through an application already installed on the attacked device, having physical access to it.

The exploitation of the vulnerability was reported on Monday, March 22, by Ben Hawkes of Google Project Zero.

“Note: There are indications that CVE-2020-11261 may be under limited, targeted exploitation”, — Ben Hawkes wrote in Twitter.

Attacking these vulnerabilities is troublesome, but it seems that at least one cybercriminal group was not afraid of difficulties.

“It’s worth noting that the access vector for the vulnerability is “local,” meaning that exploitation requires local access to the device. In other words, to launch a successful attack, the bad actor must either have physical access to the vulnerable smartphone or use other means – e.g., a watering hole – to deliver malicious code and set off the attack chain”, — The Hacker News website reports.

Although the details of the attacks, the identity of the attacker and targeted victims were not disclosed, Google often refuses to provide such information so that other attackers do not exploit the vulnerability.

The Google Threat Analysis Group is currently investigating the incidents.

It is not specified, whether the aforementioned vulnerability was used in a global hacking campaign recently disclosed by Google experts against users of Android, iOS and Windows devices.

Essentially, this information once again underscores the need for timely installation of monthly security updates as soon as they become available to prevent hackers’ abuse of Android devices.

Recall that we already wrote that Experts found vulnerability in Qualcomm processors that endangers all Android-devices owners.