- Android OS patch levels prior to 2024-10-05
- Large and medium government entities: High
- Small government entities: Medium
- Large and medium business entities: High
- Small business entities: Medium
- A vulnerability in System that could allow for remote code execution. (CVE-2024-40673)
- Multiple vulnerabilities in Framework that could allow for elevation of privilege. (CVE-2024-0044, CVE-2024-40676)
- Multiple vulnerabilities in System that could allow for elevation of privilege. (CVE-2024-40672, CVE-2024-40677)
- A vulnerability in Framework that could allow for denial of service. (CVE-2024-40675)
- A vulnerability in System that could allow for denial of service. (CVE-2024-40674)
- Multiple vulnerabilities in Imagination Technologies. (CVE-2024-34732, CVE-2024-34733, CVE-2024-34748, CVE-2024-40649, CVE-2024-40651, CVE-2024-40669, CVE-2024-40670)
- Multiple vulnerabilities in MediaTek components. (CVE-2024-20100, CVE-2024-20101, CVE-2024-20103, CVE-2024-20090, CVE-2024-20092, CVE-2024-20091, CVE-2024-20093, CVE-2024-20094)
- Multiple vulnerabilities in Qualcomm components. (CVE-2024-33049, CVE-2024-33069, CVE-2024-38399)
- A vulnerability in Qualcomm closed-source components. (CVE-2024-23369)
- Apply appropriate patches provided by Google to vulnerable systems, immediately after appropriate testing. (M1051: Update Software)
- Safeguard 7.1: Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.
- Safeguard 7.4: Perform Automated Application Patch Management: Perform application updates on enterprise assets through automated patch management on a monthly, or more frequent, basis.
- Safeguard 7.5: Perform Automated Vulnerability Scans of Internal Enterprise Assets: Perform automated vulnerability scans of internal enterprise assets on a quarterly, or more frequent, basis. Conduct both authenticated and unauthenticated scans, using a SCAP-compliant vulnerability scanning tool.
- Remind users not to visit un-trusted websites or follow links provided by unknown or un-trusted sources. Inform and educate users regarding threats posed by hypertext links contained in emails or attachments, especially from un-trusted sources. (M1017: User Training)
- Use capabilities to detect and block conditions that may lead to or be indicative of a software exploit occurring. (M1050: Exploit Protection)
- Safeguard 10.5: Enable Anti-Exploitation Features: Enable anti-exploitation features on enterprise assets and software, where possible, such as Apple® System Integrity Protection (SIP) and Gatekeeper™.
- Safeguard 13.10 : Perform Application Layer Filtering: Perform application layer filtering. Example implementations include a filtering proxy, application layer firewall, or gateway.
REFERENCES:
Google: https://source.android.com/<wbr />docs/security/bulletin/2024-<wbr />10-01 CVE: https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-0044 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />20090 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />20091 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />20092 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />20093 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />20094 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />20100 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />20101 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />20103 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />23369 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />33049 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />33069 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />34732 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />34733 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />34748 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />38399 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />40649 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />40651 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />40669 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />40670 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />40672 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />40673 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />40674 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />40675 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />40676 https://cve.mitre.org/cgi-bin/<wbr />cvename.cgi?name=CVE-2024-<wbr />40677
