Google has rolled out its March 2025 Android Security Bulletin, addressing a total of 44 security vulnerabilities, including two high-severity flaws that have been actively exploited in the wild.
Actively Exploited Android Vulnerabilities
The two critical security vulnerabilities patched in this update are:
✅ CVE-2024-43093 - A privilege escalation flaw in the Framework component. This vulnerability could allow unauthorized access to sensitive directories such as:
Android/data
Android/obb
Android/sandbox and their subdirectories
✅ CVE-2024-50302 - A privilege escalation flaw in the HID USB component of the Linux kernel. This vulnerability enables a local attacker to leak uninitialized kernel memory using specially crafted HID reports.
Repeated Warning on CVE-2024-43093
Notably, CVE-2024-43093 was previously flagged by Google in its November 2024 Security Advisory as being actively exploited. However, Google has issued another alert, raising questions about the severity of its impact or new attack vectors discovered.
Exploitation of CVE-2024-50302 in Zero-Day Attacks
CVE-2024-50302 was reportedly one of three vulnerabilities leveraged in a zero-day attack attributed to Cellebrite. The attack, which targeted a Serbian youth activist’s Android phone in December 2024, involved chaining the following vulnerabilities:
This exploit likely enabled attackers to escalate privileges and deploy a sophisticated Android spyware, dubbed NoviSpy. All three vulnerabilities reside in the Linux kernel and were patched late last year. Notably, CVE-2024-53104 was already fixed in last month’s Android update.
Google’s Security Response
Google has officially acknowledged that CVE-2024-43093 and CVE-2024-50302 have been subjected to “limited, targeted exploitation.”
To ensure swift patch deployment, Google has released two security patch levels:
2025-03-01 – Addresses a subset of vulnerabilities affecting all Android devices.
2025-03-05 – Covers additional fixes for enhanced security.
These patch levels provide flexibility for Android partners to address vulnerabilities promptly while ensuring a more secure ecosystem.
Stay Secure: What You Should Do
✅ Update your device to the latest Android security patch. ✅ Avoid sideloading apps from untrusted sources. ✅ Enable Google Play Protect for real-time threat detection. ✅ Monitor app permissions to prevent unauthorized access to sensitive data.
Google’s ongoing security updates demonstrate its commitment to protecting users against evolving cyber threats. Ensure your Android device is updated promptly to mitigate potential risks.