Google resolved a zero-day vulnerability in the Pixel Firmware being actively abused


Pierluigi Paganini
June 13, 2024

Google issued a warning about a security flaw affecting its Pixel Firmware, which has been actively exploited as a zero-day.

Google warned of an elevation of privilege vulnerability, tracked as CVE-2024-32896, in the Pixel Firmware, which has been exploited as a zero-day.

“There are signs that CVE-2024-32896 might be under restricted, targeted exploitation,” states the advisory.

As usual, the technology giant did not disclose technical details about the attacks exploiting the issue.

The Pixel Update Bulletin provides information on security vulnerabilities and enhancements for compatible Google Pixel devices. The company addressed all the issues outlined in the bulletin with the release of security patch levels of 2024-06-05 or later and the June 2024 Android Security Bulletin.

Seven out of 50 security vulnerabilities have been classified as critical:

| CVE | References | Type | Severity | Subcomponent |
|---|---|---|---|---|
| CVE-2024-32891 | A-313509045 * | EoP | Critical | LDFW |
| CVE-2024-32892 | A-326987969 * | EoP | Critical | Goodix |
| CVE-2024-32899 | A-301669196 * | EoP | Critical | Mali |
| CVE-2024-32906 | A-327277969 * | EoP | Critical | avcp |
| CVE-2024-32908 | A-314822767 * | EoP | Critical | LDFW |

The company addressed numerous information disclosure vulnerabilities impacting GsmSs, ACPM, and Trusty, as well as several DoS issues in the modem.

In April, Google resolved 28 vulnerabilities in Android and 25 flaws in Pixel devices. Two of the issues fixed by the company, tracked as CVE-2024-29745 and CVE-2024-29748, were actively exploited in the wild.

CVE-2024-29745 is a High severity information disclosure issue in the bootloader, while CVE-2024-29748 is a High severity elevation of privilege issue in the Pixel Firmware.

“There are signs that the subsequent issues might be under limited, targeted exploitation,” reads the advisory.

The company did not disclose specifics about the attacks; however, historically, vulnerabilities of this type have been actively exploited by nation-state actors or commercial spyware vendors.


(SecurityAffairs – hacking, Google Pixel)


