Android Users Urged to Install Latest Security Updates to Fix Actively Exploited Flaw
Sep 04, 2024
Vulnerability / Mobile Security
Google has released its monthly security updates for the Android operating system to address a known security flaw that it said has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-32896 (CVSS score: 7.8), relates to a case of privilege escalation in the Android Framework component. According to the description of the bug in the NIST National Vulnerability Database (NVD), it concerns a logic error that could lead to local escalation of privileges without requiring any additional execution privileges. "There are indications that CVE-2024-32896 may be under limited, targeted exploitation," Google said in its Android Security Bulletin for September 2024. It's worth noting that CVE-2024-32896 was first disclosed in June 2024 as impacting only the Google-owned Pixel lineup. There are currently no details on how the vulnerability is being exploited in the wild, although GrapheneOS maintainers revealed that CVE-2024-32896...
