Thursday, May 1, 2025

New Android Zero-day Vulnerability Lets Hackers Take Full Control of Samsung, Pixel, Huawei, Xiaomi, Moto Mobiles


Researchers from Google Project Zero uncovered a critical zero-day vulnerability that affects at least 18 Android models, including Samsung, Moto, Huawei, Pixel, Xiaomi and more.

Evidence indicates that the vulnerability is being exploited in the wild and gives an attacker complete access to vulnerable Android devices.

The Android zero-day exploit discovered in the wild is believed to be attributed to exploit developers employed by the Israel-based NSO Group, or to customers who bought it from them and used it to compromise Android users.


News media later reached NSO Group for comment. Its spokesperson said that the company did not sell, and will never sell, exploits or vulnerabilities, and gave the following statement.

“This exploit has nothing to do with NSO; our work is focused on the development of products designed to help licensed intelligence and law enforcement agencies save lives.”

The vulnerability was already patched in Android kernel versions 3.18, 4.14, 4.4, and 4.9, without a CVE, but newer Android versions have become vulnerable to it.

Based on a source code review, Google confirmed that the following devices are vulnerable to this Android 0-day.

  • Pixel 1
  • Pixel 1 XL
  • Pixel 2
  • Pixel 2 XL
  • Huawei P20
  • Xiaomi Redmi 5A
  • Xiaomi Redmi Note 5
  • Xiaomi A1
  • Oppo A3
  • Moto Z3
  • Oreo LG phones
  • Samsung S7
  • Samsung S8
  • Samsung S9

Google identified two possible attack paths. In the first, the device is exploited by installing a malicious app on it; in the second, the attacker performs a kernel privilege escalation using a use-after-free vulnerability that is accessible from inside the Chrome sandbox.

According to Google Project Zero researcher Maddie Stone, “The vulnerability is exploitable in Chrome’s renderer processes under Android’s ‘isolated_app’ SELinux domain, leading to us suspecting Binder as the vulnerable component.”

“The bug is a local privilege escalation vulnerability that allows for a full compromise of a vulnerable device.” It is not a fully remotely exploitable bug: the attacker needs to meet certain conditions in order to take control of the vulnerable devices listed above.

Stone also confirmed in a blog post that if the exploit is delivered via the web, it only needs to be paired with a renderer exploit, as this vulnerability is accessible through the sandbox.

The zero-day vulnerability is categorized as “High” severity. The attacker needs to install a malicious app to exploit the bug; if the attack is attempted via the browser instead, it requires chaining with an additional exploit in order to take over the vulnerable Android device.

Because of the vulnerability's severity and its active exploitation in the wild, Google said, “we are now de-restricting this bug 7 days after reporting to Android team privately.”

Google promised that the patch will be available in the October security update for Pixel 1 and 2 devices; Pixel 3 and 3a are not vulnerable.


Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.
