Google has released a patch addressing a critical zero-day vulnerability that has been actively exploited.
This vulnerability, CVE-2024-32896, is a privilege escalation flaw within the Android Framework component.
The patch, part of the Android Security Bulletin for September 2024, underscores Google’s commitment to protecting its users from potential threats.
The most severe issue in the September 2024 security bulletin is a high-severity vulnerability in the Android Framework.
This flaw allows for local escalation of privilege without requiring additional execution privileges.
The severity of the vulnerability is determined by its potential impact on affected devices, particularly if platform and service mitigations are disabled or bypassed.
What Does MITRE ATT&CK Expose About Your Enterprise Security? - Watch Free Webinar!
Table: Key Vulnerabilities in the September 2024 Security Bulletin
| CVE ID | References | Type | Severity | Updated AOSP Versions |
| CVE-2024-32896 | A-324321147 | EoP | High | 12, 12L, 13, 14 |
| CVE-2024-40658 | A-329641908 | EoP | High | 12, 12L, 13, 14 |
| CVE-2024-40662 | A-261721900 | EoP | High | 12, 12L, 13, 14 |
In addition to the Framework vulnerability, several other high-severity vulnerabilities have been identified in the System component.
These, too, could lead to local escalation of privilege. The vulnerabilities affect multiple Android versions, ensuring that this update protects a wide range of devices.
Table: System Vulnerabilities
| CVE ID | References | Type | Severity | Updated AOSP Versions |
| CVE-2024-40650 | A-293199910 | EoP | High | 12, 12L, 13, 14 |
| CVE-2024-40652 | A-327749022 | EoP | High | 12, 12L, 13, 14 |
| CVE-2024-40654 | A-333364513 | EoP | High | 12, 12L, 13, 14 |
| CVE-2024-40655 | A-300904123 | EoP | High | 12, 12L, 13, 14 |
| CVE-2024-40657 | A-341886134 | EoP | High | 12, 12L, 13, 14 |
Google has emphasized the importance of updating to the latest version of Android to benefit from enhanced security features.
The Android security platform and Google Play Protect provide robust protections, reducing the likelihood of successful exploitation.
Google Play Protect, enabled by default on devices with Google Mobile Services, is crucial in monitoring and warning users about potentially harmful applications.
The bulletin also addresses vulnerabilities in other components, including the kernel, Arm, Imagination Technologies, Unisoc, and Qualcomm.
These vulnerabilities range from high to critical severity and affect various subcomponents such as WLAN, display, and camera.
Table: Qualcomm Component Vulnerabilities
| CVE ID | References | Severity | Subcomponent |
| CVE-2024-33042 | A-344620519 | Critical | WLAN |
| CVE-2024-33052 | A-344620630 | Critical | WLAN |
| CVE-2024-33034 | A-350500940 | High | Display |
| CVE-2024-33038 | A-344620773 | High | Camera |
Google’s latest security patch reflects its ongoing efforts to safeguard Android users against emerging threats.
Users are strongly encouraged to update their devices to the latest security patch level, 2024-09-05 or later, to ensure protection against these vulnerabilities.
As always, staying informed and proactive about security updates is crucial in maintaining device safety and integrity.
Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN - 14 day free trial
Hackers have reportedly infiltrated and extracted a vast 82 GB of sensitive data from the Indonesian…
IBM has issued a security bulletin warning of two vulnerabilities in its AIX operating system…
The Apache Software Foundation has issued a security alert regarding a critical vulnerability in Apache…
The Chinese National Internet Emergency Center (CNIE) has revealed two significant cases of cyber espionage…
A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing millions…
Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer through…