Security News > 2024 > April > Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies
2024-04-03 16:10
Google has disclosed that two Android security flaws impacting its Pixel smartphones have been exploited in the wild by forensic companies. The high-severity zero-day vulnerabilities are as follows - CVE-2024-29745 - An information disclosure flaw in the bootloader component CVE-2024-29748 - A privilege escalation flaw in the firmware component "There are indications that the [
News URL
https://thehackernews.com/2024/04/google-warns-android-zero-day-flaws-in.html
Related news
- Google fixes two Android zero-days used in targeted attacks (source)
- New Google Pixel AI feature analyzes phone conversations for scams (source)
- Android malware 'Necro' infects 11 million devices via Google Play (source)
- New Octo Android malware version impersonates NordVPN, Google Chrome (source)
- Google's Shift to Rust Programming Cuts Android Memory Vulnerabilities by 68% (source)
- Google sees 68% drop in Android memory safety flaws over 5 years (source)
- Fake WalletConnect app on Google Play steals Android users’ crypto (source)
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- Google Blocks Unsafe Android App Sideloading in India for Improved Fraud Protection (source)
- Google brings better bricking to Androids, to curtail crims (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-05 | CVE-2024-29748 | Improper Handling of Exceptional Conditions vulnerability in Google Android there is a possible way to bypass due to a logic error in the code. | 7.8 |
| 2024-04-05 | CVE-2024-29745 | Use of Uninitialized Resource vulnerability in Google Android there is a possible Information Disclosure due to uninitialized data. | 5.5 |