Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day

Google has warned that a security flaw impacting Pixel Firmware has been exploited in the wild as a zero-working day.

The higher-severity vulnerability, tagged as CVE-2024-32896, has been explained as an elevation of privilege issue in Pixel Firmware.

The firm did not share any extra details connected to the nature of attacks exploiting it, but famous “there are indications that CVE-2024-32896 could be less than restricted, specific exploitation.”

✔ Approved From Our Partners

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code

The June 2024 security update addresses a total of 50 security vulnerabilities, 5 of which relate to different parts in Qualcomm chipsets.

Some of the noteworthy issues patched include things like denial-of-service (DoS) issue impacting Modem, and numerous details disclosure flaws influencing GsmSs, ACPM, and Trusty.

The updates are available for supported Pixel gadgets, this kind of as Pixel 5a with 5G, Pixel 6a, Pixel 6, Pixel 6 Pro, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel 8, Pixel 8 Pro, Pixel 8a, and Pixel Fold.

Before this April, Google fixed two security flaws in the bootloader and firmware parts (CVE-2024-29745 and CVE-2024-29748) that ended up weaponized by forensic companies to steal delicate info.

Then final week, Arm notified customers of a memory-linked vulnerability (CVE-2024-4610) in Bifrost and Valhall GPU kernel drivers that has appear underneath active exploitation.

Found this posting attention-grabbing? Observe us on Twitter  and LinkedIn to read through additional special articles we publish.