Connect with us

Hi, what are you looking for?


Malware & Threats

Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation

The zero-day is tagged as CVE-2024-32896 and described as an elevation of privilege issue in Pixel Firmware.

Google has rolled out a massive Pixel security update alongside a warning that one of the patched vulnerabilities has already been exploited in the wild.

The zero-day is tagged as CVE-2024-32896 and described as an elevation of privilege issue in Pixel Firmware. The bug carries a high-severity rating.

Google did not share details of the zero-day beyond a single line in the Pixel security bulletin: “There are indications that CVE-2024-32896 may be under limited, targeted exploitation.”

The Pixel security bulletin documents at least 44 Pixel-specific vulnerabilities ranging in severity from critical to high to moderate risk. Google marked seven of the 44 bugs in the critical category.

“We encourage all customers to accept these updates to their devices,” Google said in an advisory that also flags serious vulnerabilities across various mobile device and OS subcomponents. 

Among the critical vulnerabilities, multiple elevation of privilege issues were found in components such as LDFW, Goodix, Mali, avcp, and confirmationui; and high-severity remote code execution (RCE) vulnerabilities in CPIF, WLAN, and other components.

The update also includes fixes for a handful of Qualcomm and Qualcomm closed-source components.

Separately, security researchers are calling attention to a severe defect in the Arm Mali GPU Kernel Driver that’s also being marked as actively exploited.

Advertisement. Scroll to continue reading.

The Arm Mali zero-day is tracked as CVE-2024-4610 and allows improper GPU memory processing operations, according to an Arm advisory that acknowledges in-the-wild zero-day exploitation. 

“This issue is fixed in Bifrost and Valhall GPU Kernel Driver r41p0. Arm is aware of reports of this vulnerability being exploited in the wild. Users are recommended to upgrade if they are impacted by this issue,” Arm said.

So far this year, there have been 41 documented in-the-wild zero-day attacks. Software code or products from Google account for eight of the 41 zero-days seen to date in 2024.

Related: Patch Tuesday: Remote Code Execution Flaw in Microsoft Message Queuing

Related: Adobe Ships Hefty Batch of Security Patches

Related: PHP Patches Critical Remote Code Execution Vulnerability

Related: Nvidia Patches High-Severity GPU Driver Vulnerabilities

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.


Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.


People on the Move

SaaS security company AppOmni has hired Joel Wallenstrom as its General Manager.

FTI Consulting has appointed Brett Callow as Managing Director in its Cybersecurity & Data Privacy Communications practice.

Mobile security firm Zimperium has welcomed David Natker as its VP of Global Partners and Alliances.

More People On The Move

Expert Insights