Google fixed a high-severity flaw, tracked as CVE-2024-36971, impacting the Android kernel. The IT giant is aware that the vulnerability has been actively exploited in the wild. The company did not share details of the attacks exploiting this vulnerability.<\/p>\n\n\n\n
The vulnerability is a remote code execution impacting the kernel.<\/p>\n\n\n\n
“There are indications that CVE-2024-36971 may be under limited, targeted exploitation.” reads the advisory<\/strong><\/a> published by Google.<\/em>
The vulnerability was discovered<\/a> by Clement Lecigne of Google’s Threat Analysis Group (TAG). The TAG team investigates attacks carried out by nation-state actors and commercial spyware vendors<\/a>.<\/p>\n\n\n\n
In June 2024, Google\u00a0warned<\/a>\u00a0of an elevation of privilege vulnerability, tracked as CVE-2024-32896, in the Pixel Firmware, which has been exploited in the wild as a zero-day.<\/p>\n\n\n\n
\u201cThere are indications that CVE-2024-32896 may be under limited, targeted exploitation.\u201d reads<\/strong><\/a> the advisory.<\/em><\/p>\n\n\n\n
In June 2024, Google warned<\/a> <\/strong>of an elevation of privilege vulnerability, tracked as CVE-2024-32896, in the Pixel Firmware, which has been exploited in the wild as a zero-day.<\/p>\n\n\n\n
\u201cThere are indications that CVE-2024-32896 may be under limited, targeted exploitation.\u201d reads<\/strong><\/a> the advisory.<\/em>
Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/a><\/p>\n\n\n\n
Pierluigi Paganini<\/strong><\/a><\/p>\n\n\n\n
(<\/strong>SecurityAffairs<\/strong><\/a> \u2013<\/strong> hacking, Android)<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"