Monday, April 28, 2025
Follow us On Linkedin
HomeAndroidAndroid Security Update - Code Execution Flaw Let Hackers Control Your Android...

Android Security Update – Code Execution Flaw Let Hackers Control Your Android Device Remotely – Update Now

AndroidComputer SecurityCyber Security NewsSecurity HackerSecurity UpdatesUncategorized

Published on

By Balaji
Android Security Update - Code Execution Flaw Let Hackers Control Your Android Device Remotely - Update Now

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

Android security bulletin published new security updates with the fixes for critical vulnerabilities that affected Android devices.

Patched vulnerabilities Include 2 remote code execution vulnerabilities let hackers execute the code remotely to control the vulnerable Android devices, also these  two critical vulnerabilities impact all Android 7.0 or later devices.

Google patched totally 11 vulnerabilities that include, two remote code execution vulnerability affected the media framework under “critical” severity and 9 “high” severity vulnerabilities that exist in system and Framework.

- Advertisement - Google News

CVE-2019-2027 and CVE-2019-2028, Two remote code execution vulnerabilities enable a remote attacker to execute arbitrary code using a specially crafted file within the context of a privileged process.

CVE-2019-2026, A high severity vulnerability affected Android Framework let the local attacker gain additional permissions bypass with user interaction.

Remaining 8 other system level high severity vulnerabilities, enable a local malicious application to execute arbitrary code within the context of a privileged process.

Remaining 8 other system level high severity vulnerabilities, enable a local malicious application to execute arbitrary code within the context of a privileged process.

Android Security Update

Media Framework

CVEReferencesTypeSeverityUpdated AOSP versions
CVE-2019-2027A-119120561RCECritical7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2028A-120644655RCECritical7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9

Framework

CVEReferencesTypeSeverityUpdated AOSP versions
CVE-2019-2026A-120866126EoPHigh8.0

System

CVEReferencesTypeSeverityUpdated AOSP versions
CVE-2019-2030A-119496789EoPHigh9
CVE-2019-2031A-120502559EoPHigh7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2033A-121327565EoPHigh9
CVE-2019-2034A-122035770EoPHigh7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2035A-122320256EoPHigh7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2038A-121259048IDHigh7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2039A-121260197IDHigh7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2040A-122316913IDHigh9

All the Android users are requested to update your phone immediately to apply the latest Android security patch.

To learn how to check a device’s security patch level, see Check and update your Android version.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

Most Important Android Penetration Testing Tools for Hackers & Security Professionals

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Cyber Security News

Windows 11 25H2 Expected to Launch with Minor Changes

Microsoft is quietly preparing the next update to its flagship operating system, Windows 11 25H2,...
CVE/vulnerability

China Claims U.S. Cyberattack Targeted Leading Encryption Company

China has accused U.S. intelligence agencies of carrying out a sophisticated cyberattack against one...
CVE/vulnerability

Critical FastCGI Library Flaw Exposes Embedded Devices to Code Execution

A severe vulnerability (CVE-2025-23016) in the FastCGI library-a core component of lightweight web server...
cyber security

Viasat Modems Zero-Day Vulnerabilities Let Attackers Execute Remote Code

A severe zero-day vulnerability has been uncovered in multiple Viasat satellite modem models, including...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

Register Now

More like this

Cyber Security News

Windows 11 25H2 Expected to Launch with Minor Changes

Microsoft is quietly preparing the next update to its flagship operating system, Windows 11 25H2,...
CVE/vulnerability

China Claims U.S. Cyberattack Targeted Leading Encryption Company

China has accused U.S. intelligence agencies of carrying out a sophisticated cyberattack against one...
CVE/vulnerability

Critical FastCGI Library Flaw Exposes Embedded Devices to Code Execution

A severe vulnerability (CVE-2025-23016) in the FastCGI library-a core component of lightweight web server...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2025 GBHackers On Security - All Rights Reserved