Cyber Resilience

CVE-2024-43077

High

Published: 03 January 2025

Published
03 January 2025
Modified
03 July 2025
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0003 10.1th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-43077 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Google Android. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 10.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-43077 is a memory corruption vulnerability in the DevmemValidateFlags function of devicemem_server.c, resulting in a possible out-of-bounds write. This issue affects Android devices, as documented in the associated security bulletin.

A local attacker with low privileges (PR:L) can exploit this vulnerability without requiring user interaction or additional execution privileges. Successful exploitation enables local escalation of privilege, with high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H), as reflected in its CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). The root cause is classified under CWE-787 (Out-of-bounds Write).

Mitigation details, including available patches, are provided in the Android security bulletin at https://source.android.com/security/bulletin/2024-12-01.

EU & UK References

Vulnerability details

In DevmemValidateFlags of devicemem_server.c , there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local memory corruption (OOB write) directly enables exploitation for privilege escalation on Android.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-49745Same product: Google Android
CVE-2024-53837Same product: Google Android
CVE-2024-53838Same product: Google Android
CVE-2026-0124Same product: Google Android
CVE-2024-49738Same product: Google Android
CVE-2026-0037Same product: Google Android
CVE-2026-0117Same product: Google Android
CVE-2026-0123Same product: Google Android
CVE-2026-0010Same product: Google Android
CVE-2024-53833Same product: Google Android

Affected Assets

google
android
all versions

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

SI-16 implements memory protection mechanisms such as DEP and ASLR that directly prevent exploitation of out-of-bounds write vulnerabilities like the one in DevmemValidateFlags.

prevent

SI-2 requires timely flaw remediation, directly addressing the memory corruption vulnerability through patching as specified in the Android security bulletin.

prevent

AC-6 enforces least privilege on processes like devicemem_server, limiting the scope and impact of local privilege escalation from exploitation.

References