Forensic Firms Exploit Zero-Day Vulnerabilities in Pixel Phones Android System

Google has recently disclosed alarming news regarding two high-severity zero-day vulnerabilities affecting its Pixel smartphones. These vulnerabilities, CVE-2024-29745 and CVE-2024-29748, have been actively exploited in the wild by forensic companies, raising concerns about user privacy and security. Read our latest Newsletter to learn more!

Details of Vulnerabilities:

CVE-2024-29745: This vulnerability is an information disclosure flaw found in the bootloader component of the affected Pixel phones.

CVE-2024-29748: The second vulnerability is a privilege escalation flaw identified in the firmware component.

Google, in an advisory released on April 2, 2024, stated, "There are indications that the vulnerabilities may be under limited, targeted exploitation."This revelation has sent shockwaves through the tech community, especially since further details about the nature of these attacks have not been disclosed by Google.

Exploitation by Forensic Companies: Maintainers of GrapheneOS have shed more light on the exploitation of these vulnerabilities. They revealed that forensic companies are actively exploiting these flaws, particularly CVE-2024-29745. This vulnerability in the fast boot firmware is being utilized by forensic companies to reboot devices, including Pixels and other affected devices, into fast boot mode. Once in this mode, attackers can exploit the vulnerabilities and dump memory, potentially gaining access to sensitive user data.

Impact of CVE-2024-29748

GrapheneOS highlighted the seriousness of CVE-2024-29748, noting that local attackers could potentially weaponize this flaw to interrupt a factory reset triggered via the device admin API. This could lead to further compromise of the device's security and user data.

Previous Disclosures and Urgent Calls for Action: The disclosure of these vulnerabilities comes after previous warnings by the GrapheneOS team regarding similar exploits targeting firmware vulnerabilities in Google Pixel and Samsung Galaxy phones. These exploits have reportedly been used by forensic companies to steal data and spy on users even when their devices are not in use.

GrapheneOS has urged Google to introduce an auto-reboot feature to make exploitation of firmware flaws more challenging for attackers. This move could potentially enhance the security posture of affected devices and protect users from malicious activities.

In conclusion, the exploitation of these zero-day vulnerabilities in Pixel phones by forensic companies highlights the urgent need for enhanced security measures. Users are advised to stay updated with security patches and take necessary precautions to safeguard their devices and personal data. Tech companies like Google must address these vulnerabilities promptly to protect user privacy and maintain the integrity of their devices.

#AndroidSecurity #ZeroDayAlert #PixelPhones #StaySafe #CyberSecurity #DataPrivacy #GoogleSecurity #VulnerabilityAlert

SOURCE: Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies Google’s advisory released on April 2, 2024 Maintainers of GrapheneOS