silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,937
Source: Android's September 2024 Update Patches Exploited Vulnerability - SecurityWeekGoogle on Tuesday announced a fresh set of Android security updates that address 35 vulnerabilities, including a local privilege escalation bug exploited in attacks.
The exploited flaw, tracked as CVE-2024-32896 (CVSS score of 7.8), is a high-severity issue affecting Android’s Framework component. A logic error in the code could lead to protection bypass, allowing a local attacker to elevate privileges.
“The most severe of these issues is a high security vulnerability in the Framework component that could lead to local escalation of privilege with no additional execution privileges needed,” Google notes in the September 2024 Android security bulletin.