A pair of critical security vulnerabilities in Google’s Pixel mobile phone line could lead to privilege escalation and device takeover.
The Pixel bugs, tracked as CVE-2022-20231 and CVE-2022-20364, are in the Trust and Kernel components, respectively, according to Google’s Android security advisory.
“For Google devices, security patch levels of 2022-09-05 or later address all issues in this bulletin and all issues in the September 2022 Android Security Bulletin,” Google said in its Pixel patch advisory. “All supported Google devices will receive an update to the 2022-09-05 patch level. We encourage all customers to accept these updates to their devices.”
More from Dark reading
The Need for Speed: When Cloud Attacks Take Only 10 Minutes
Source Node: 2317044
Time Stamp: Oct 9, 2023
Trojanized, Signed Comm100 Chat Installer Anchors Supply Chain Attack
Source Node: 1709426
Time Stamp: Sep 30, 2022
Weaponized Windows Installers Target Graphic Designers in Crypto Heist
Source Node: 2258192
Time Stamp: Sep 7, 2023
Compromised Zendesk Employee Credentials Lead to Breach
Source Node: 1911688
Time Stamp: Jan 20, 2023
Industrial Defender Risk Signal, a Risk-Based Vulnerability Management Solution for OT Security
Source Node: 2428594
Time Stamp: Jan 4, 2024
Google Chrome Pays $57K (and Counting) in Bug Bounties for Latest Update
Source Node: 1729852
Time Stamp: Oct 26, 2022
What Kind of Data Gets Stolen When a Developer is Compromised?
Source Node: 1785592
Time Stamp: Dec 22, 2022