Google has released a patch addressing a critical zero-day vulnerability that has been actively exploited.
This vulnerability, CVE-2024-32896, is a privilege escalation flaw within the Android Framework component.
The patch, part of the Android Security Bulletin for September 2024, underscores Google’s commitment to protecting its users from potential threats.
The most severe issue in the September 2024 security bulletin is a high-severity vulnerability in the Android Framework.
This flaw allows for local escalation of privilege without requiring additional execution privileges.
The severity of the vulnerability is determined by its potential impact on affected devices, particularly if platform and service mitigations are disabled or bypassed.
What Does MITRE ATT&CK Expose About Your Enterprise Security? - Watch Free Webinar!
Table: Key Vulnerabilities in the September 2024 Security Bulletin
| CVE ID | References | Type | Severity | Updated AOSP Versions |
| CVE-2024-32896 | A-324321147 | EoP | High | 12, 12L, 13, 14 |
| CVE-2024-40658 | A-329641908 | EoP | High | 12, 12L, 13, 14 |
| CVE-2024-40662 | A-261721900 | EoP | High | 12, 12L, 13, 14 |
In addition to the Framework vulnerability, several other high-severity vulnerabilities have been identified in the System component.
These, too, could lead to local escalation of privilege. The vulnerabilities affect multiple Android versions, ensuring that this update protects a wide range of devices.
Table: System Vulnerabilities
| CVE ID | References | Type | Severity | Updated AOSP Versions |
| CVE-2024-40650 | A-293199910 | EoP | High | 12, 12L, 13, 14 |
| CVE-2024-40652 | A-327749022 | EoP | High | 12, 12L, 13, 14 |
| CVE-2024-40654 | A-333364513 | EoP | High | 12, 12L, 13, 14 |
| CVE-2024-40655 | A-300904123 | EoP | High | 12, 12L, 13, 14 |
| CVE-2024-40657 | A-341886134 | EoP | High | 12, 12L, 13, 14 |
Google has emphasized the importance of updating to the latest version of Android to benefit from enhanced security features.
The Android security platform and Google Play Protect provide robust protections, reducing the likelihood of successful exploitation.
Google Play Protect, enabled by default on devices with Google Mobile Services, is crucial in monitoring and warning users about potentially harmful applications.
The bulletin also addresses vulnerabilities in other components, including the kernel, Arm, Imagination Technologies, Unisoc, and Qualcomm.
These vulnerabilities range from high to critical severity and affect various subcomponents such as WLAN, display, and camera.
Table: Qualcomm Component Vulnerabilities
| CVE ID | References | Severity | Subcomponent |
| CVE-2024-33042 | A-344620519 | Critical | WLAN |
| CVE-2024-33052 | A-344620630 | Critical | WLAN |
| CVE-2024-33034 | A-350500940 | High | Display |
| CVE-2024-33038 | A-344620773 | High | Camera |
Google’s latest security patch reflects its ongoing efforts to safeguard Android users against emerging threats.
Users are strongly encouraged to update their devices to the latest security patch level, 2024-09-05 or later, to ensure protection against these vulnerabilities.
As always, staying informed and proactive about security updates is crucial in maintaining device safety and integrity.
Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN - 14 day free trial
Grayscale Investments, a prominent crypto asset manager, has reportedly suffered a data breach affecting 693,635…
A database containing over 1,000 email accounts associated with the National Health Service (NHS) has…
Researchers from Avast have uncovered a vulnerability in the cryptographic schema of the Mallox ransomware,…
A recently discovered vulnerability in Red Hat's NetworkManager, CVE-2024-8260, has raised concerns in the cybersecurity…
Tor Browser 14.0 has been officially launched. It brings significant updates and new features to…
INE Security offers essential advice to protect digital assets and enhance security. As small businesses…