
Google has addressed a high-severity security flaw impacting the Android kernel that has been actively exploited in the wild.
The vulnerability, tracked as CVE-2024-36971, has been described as a case of remote code execution impacting the kernel.
“There are indications that CVE-2024-36971 may be under limited, targeted exploitation,” the tech giant noted in its monthly Android security bulletin for August 2024.
As is typically the case, the company didn’t share any additional specifics on the nature of the cyber attacks exploiting the flaw or attribute the activity to a particular threat actor or group. It is currently not known if Pixel devices are also impacted by the bug.

That said, Clement Lecigne of Google’s Threat Analysis Group (TAG) has been credited with reporting the flaw, suggesting that it is likely being exploited by commercial spyware vendors to infiltrate Android devices in narrowly targeted attacks.
The August patch addresses a total of 47 flaws, including those identified in components associated with Arm, Imagination Technologies, MediaTek, and Qualcomm.
Also resolved by Google are 12 privilege escalation flaws, one information disclosure bug, and one denial-of-service (DoS) flaw impacting the Android Framework.
In June 2024, the search company revealed that an elevation of privilege issue in Pixel Firmware (CVE-2024-32896) has been exploited as part of limited and targeted attacks.
Google subsequently told The Hacker News that the issue’s impact goes beyond Pixel devices to include the broader Android platform and that it is working with OEM partners to apply the fixes where applicable.
Previously, the company also closed out two security flaws in the bootloader and firmware components (CVE-2024-29745 and CVE-2024-29748) that were weaponized by forensic companies to steal sensitive data.

The development comes as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2018-0824, a remote code execution flaw impacting Microsoft COM for Windows, to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to apply fixes by August 26, 2024.
The addition follows a report from Cisco Talos that the flaw was weaponized by a Chinese nation-state threat actor named APT41 in a cyber attack aimed at an unnamed Taiwanese government-affiliated research institute to achieve local privilege escalation.