Google addressed Zeroday vulnerability in Pixel devices -CVE-2024-32896

Google has released a critical security update for Pixel devices, addressing a zero-day vulnerability that has been actively exploited in the wild.

The vulnerability tracked as CVE-2024-32896 is an elevation of privilege issue in Pixel Firmware, underscores the importance of promptly updating your devices to safeguard against potential attacks.

Google revealed limited information about the zero-day, stating only that it has indications of targeted exploitation. “There are indications that CVE-2024-32896 may be under limited, targeted exploitation.” However, the urgency of the patch highlights the severity of the threat. Alongside this zero-day fix, Google’s June security update also addresses over 40 additional vulnerabilities, including multiple critical elevation of privilege issues and high-severity remote code execution (RCE) bugs affecting various Pixel components.

This month patch release cycle covers not only Pixel-specific flaws but also includes fixes for Qualcomm and Qualcomm closed-source components. While Pixel devices run on Android, they receive separate updates due to their unique features and hardware platform, which is directly managed by Google.

Users are strongly advised to immediately install the latest security update to protect their Pixel devices from potential threats.

Patch Summary