Audio Posts In English

Google fixed an actively exploited zero-day in the Pixel Firmware


Google is warning of a security vulnerability impacting its Pixel Firmware that has been actively exploited in the wild as a zero-day.

Google warned of an elevation of privilege vulnerability, tracked as CVE-2024-32896, in the Pixel Firmware, which has been exploited in the wild as a zero-day.

“There are indications that CVE-2024-32896 may be under limited, targeted exploitation.” reads the advisory.

As usual, the IT giant did not provide technical information about attacks exploiting the above issue.

The Pixel Update Bulletin provides details of security vulnerabilities and functional improvements for supported Google Pixel devices. The company addressed all the flaws detailed in the bulletin with the release of the security patch levels of 2024-06-05 or later and the June 2024 Android Security Bulletin.

Seven out of 50 security vulnerabilities are rated as critical:

CVE References Type Severity Subcomponent
CVE-2024-32891 A-313509045 * EoP Critical LDFW
CVE-2024-32892 A-326987969 * EoP Critical Goodix
CVE-2024-32899 A-301669196 * EoP Critical Mali
CVE-2024-32906 A-327277969 * EoP Critical avcp
CVE-2024-32908 A-314822767 * EoP Critical LDFW

The company addressed multiple information disclosure flaws impacting GsmSs, ACPM, and Trusty and multiple DoS issues in the modem.

In April, Google addressed 28 vulnerabilities in Android and 25 flaws in Pixel devices. Two issues fixed by the IT giant, tracked as CVE-2024-29745 and CVE-2024-29748, were actively exploited in the wild.

CVE-2024-29745 is a High severity Information disclosure issue in the bootloader, while CVE-2024-29748 is a High severity elevation of privilege issues in the Pixel Firmware.

“There are indications that the following may be under limited, targeted exploitation.” reads the advisory.

The company did not provide details about the attacks, but in the past, such kinds of bugs were actively exploited by nation-state actors or commercial spyware vendors.

Pierluigi Paganini

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

(SecurityAffairs – hacking, Google Pixel)