CVE-2024-43771

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jan 21, 2025
Updated: Jan 22, 2025
CWE ID 787

Summary

CVE-2024-43771 is a newly disclosed vulnerability affecting the gatt_sr.cc file in Bluetooth Low Energy (BLE) implementations. The gatts_process_read_req function is missing a bounds check, which can lead to an out-of-bounds write. The vulnerability can be exploited remotely without user interaction: an attacker who is proximal or adjacent to the affected device can execute arbitrary code, with no additional execution privileges required.
