Google has warned about the active exploitation of a high-severity vulnerability in the firmware of its Pixel smartphones.
The zero-day flaw, tracked as CVE-2024-32896, is an elevation-of-privilege issue that could allow attackers to gain elevated system privileges on affected devices.
The disclosure comes as part of Google's June 2024 security updates, which addressed 50 vulnerabilities across various components of the Pixel ecosystem. Among these, five vulnerabilities impacted Qualcomm chipsets, while others affected critical components such as the modem, Trusty, and ACPM.
While Google has not shared more details about the attacks exploiting the zero-day vulnerability, the company has acknowledged that there are "indications that CVE-2024-32896 may be under limited, targeted exploitation."
The vulnerability, which resides in the Pixel firmware, could enable an attacker to escalate privileges on a compromised device, granting access to sensitive data and system resources. Google has urged Pixel users to promptly apply the June 2024 security updates, which address the zero-day vulnerability along with the other reported issues.
The June 2024 updates are available for a wide range of supported Pixel devices, including the Pixel 5a with 5G, Pixel 6a, Pixel 6, Pixel 6 Pro, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel 8, Pixel 8 Pro, Pixel 8a, and the recently released Pixel Fold.
Users can install the updates by navigating to Settings > Security & privacy > System & updates > Security update, and then tapping "Install" followed by restarting their device.
This is not the first time Google has grappled with actively exploited vulnerabilities in its Pixel ecosystem. Earlier in April, the tech giant resolved two security flaws in the bootloader and firmware components (CVE-2024-29745 and CVE-2024-29748) that were being weaponized by forensic companies to gain unauthorized access to sensitive data on Pixel devices.
The revelation of an actively exploited zero-day vulnerability in the Pixel firmware comes just days after Arm, the leading chip designer, warned users of a memory-related vulnerability (CVE-2024-4610) in its Bifrost and Valhall GPU kernel drivers that had also come under active exploitation.