Security News > 2022 > June > Android June 2022 updates bring fix for critical RCE vulnerability
Google has released the June 2022 security updates for Android devices running OS versions 10, 11, and 12, fixing 41 vulnerabilities, five rated critical.
The security update is separated into two levels, released on June 1 and June 5.
The first one contains patches for Android system and framework components and the second one includes updates for kernel and third-party vendor closed source components.
"The most severe of these issues is a critical security vulnerability in the System component that could lead to remote code execution with no additional execution privileges needed," mentions the Android security bulletin.
The fifth critical flaw fix concerns Unisoc chips only, so it's only available through the "June 5 2022" patch level.
If your device is no longer supported by the vendor and has stopped receiving security updates, it would be advisable to use a third-party Android distribution that incorporates recent patches and security features for older models.
News URL
Related news
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- CISA Warns of CentreStack's Hard-Coded MachineKey Vulnerability Enabling RCE Attacks (source)
- Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
- Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution (source)
- Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
- Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
- Critical Langflow RCE flaw exploited to hack AI app servers (source)
- SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version (source)
- Unpatched critical bugs in Versa Concerto lead to auth bypass, RCE (source)