CVE-2024-43771

High

Published: 21 January 2025

Published

21 January 2025

Modified

22 April 2025

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0010 27.2th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-43771 is a high-severity Code Injection (CWE-94) vulnerability in Google Android. Its CVSS base score is 8.8 (High).

Operationally, ranked at the 27.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Enforces bounds checking on GATT read requests to directly prevent the out-of-bounds write vulnerability in gatts_process_read_req.

SI-2 Flaw Remediation good match

prevent

Requires timely identification, reporting, and patching of the specific flaw in Android's Bluetooth stack as detailed in the security bulletin.

SI-16 Memory Protection good match

prevent

Implements memory protections like non-executable memory and ASLR to mitigate arbitrary code execution resulting from the out-of-bounds write.

NVD Description

In gatts_process_read_req of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Deeper analysisAI

CVE-2024-43771 is a vulnerability in the gatts_process_read_req function of gatt_sr.cc, part of Android's Bluetooth stack, stemming from a missing bounds check that enables an out-of-bounds write. This flaw affects Android devices with Bluetooth enabled, particularly those processing GATT (Generic Attribute Profile) read requests in the Bluetooth Low Energy (BLE) server component.

Attackers in proximal or adjacent physical range (e.g., Bluetooth proximity) can exploit this remotely without requiring authentication privileges or user interaction. Successful exploitation leads to arbitrary code execution with the permissions of the Bluetooth process, potentially resulting in high-impact confidentiality, integrity, and availability compromises, as indicated by the CVSS v3.1 base score of 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The issue maps to CWE-94 (Code Injection).

The Android Security Bulletin for January 2025 at https://source.android.com/security/bulletin/2025-01-01 provides details on affected versions and patches. Security practitioners should apply the recommended updates to mitigate exploitation risks.

Details

CWE(s): CWE-94

Affected Products

google

android

12.0, 12.1, 13.0, 14.0, 15.0

CVEs Like This One

CVE-2024-43770Same product: Google Android

CVE-2024-49747Same product: Google Android

CVE-2024-43767Same product: Google Android

CVE-2025-48574Same product: Google Android

CVE-2025-36920Same product: Google Android

CVE-2026-0011Same product: Google Android

CVE-2025-36897Same product: Google Android

CVE-2026-0020Same product: Google Android

CVE-2026-0109Same product: Google Android

CVE-2026-0117Same product: Google Android

References

https://source.android.com/security/bulletin/2025-01-01
Vendor Advisory · security@android.com