Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for privilege escalation. Android is an operating system developed by Google for mobile devices, including smartphones, tablets, and watches. Successful exploitation of these vulnerabilities could allow an attacker to escalate privileges, potentially leading to unauthorized installation of programs, viewing, changing, or deleting data, or creating new accounts with full rights.

Threat Intelligence:

It has been reported that CVE-2024-53104 is under limited, targeted exploitation. This indicates that attackers are actively leveraging this vulnerability in real-world scenarios.

Affected Devices: 

Android OS patch levels prior to 2025-02-05

Vulnerabilities:

1. Multiple privilege escalation flaws in Framework, Platform, System, and Kernel components.

2. Information disclosure vulnerabilities in Framework and System components. 

3. A denial of service vulnerability in Framework. 

4. Various vulnerabilities in Google Play system updates, Arm components, Imagination Technologies, MediaTek components, Unisoc components, and Qualcomm components.

The most severe vulnerability, CVE-2024-53104, is a high-severity kernel flaw in the USB Video Class (UVC) driver, which could lead to physical escalation of privilege

Recommendations:

1. Apply the latest Android security patches immediately.
2. Implement a vulnerability management process for enterprise assets.
3. Perform automated application patch management monthly or more frequently.
4. Conduct regular automated vulnerability scans of internal enterprise assets.
5. Enable anti-exploitation features on enterprise assets and software where possible.
6. Implement application layer filtering.
7. Separate production and non-production systems

Download the advisory

fnCyber Advisory - Android.pdf