CVE-2024-43096

High

Published: 21 January 2025

Published

21 January 2025

Modified

22 April 2025

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0025 48.1th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-43096 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Google Android. Its CVSS base score is 8.8 (High).

Operationally, ranked at the 48.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Mandates timely identification, reporting, and patching of software flaws like the missing bounds check in Android's Bluetooth GATT server build_read_multi_rsp function.

SI-10 Information Input Validation good match

prevent

Requires validation of incoming Bluetooth GATT read multi response data to enforce bounds checks and prevent out-of-bounds writes.

SI-16 Memory Protection good match

prevent

Implements memory protection mechanisms such as non-executable stacks and ASLR to block code execution from out-of-bounds writes in the GATT server.

NVD Description

In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Deeper analysisAI

CVE-2024-43096 is a vulnerability in the build_read_multi_rsp function of gatt_sr.cc, which is part of the Android Bluetooth GATT server implementation. The issue arises from a missing bounds check, enabling an out-of-bounds write (CWE-787). It was published on January 21, 2025, with a CVSS v3.1 base score of 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

An attacker within adjacent physical proximity can exploit this vulnerability remotely over Bluetooth to achieve code execution. No additional execution privileges, user interaction, or authentication are required, making it accessible to unauthenticated adversaries with low-complexity attacks.

The Android Security Bulletin dated January 1, 2025, addresses this vulnerability with patches for affected Android versions, recommending that users and administrators apply the latest security updates to mitigate the risk.

Details

CWE(s): CWE-787

Affected Products

google

android

12.0, 12.1, 13.0, 14.0, 15.0

CVEs Like This One

CVE-2026-0010Same product: Google Android

CVE-2026-0113Same product: Google Android

CVE-2024-49749Same product: Google Android

CVE-2024-53838Same product: Google Android

CVE-2026-0122Same product: Google Android

CVE-2024-49748Same product: Google Android

CVE-2025-36937Same product: Google Android

CVE-2026-0111Same product: Google Android

CVE-2026-0123Same product: Google Android

CVE-2026-0116Same product: Google Android

References

https://source.android.com/security/bulletin/2025-01-01
Vendor Advisory · security@android.com