Application security, Endpoint/Device Security

Active exploitation of Google Pixel zero-days underway

Google Pixel smartphone

Google has warned of ongoing attacks targeting a pair of high-severity zero-day vulnerabilities impacting its Pixel smartphones, including the bootloader information disclosure bug, tracked as CVE-2024-29745, and firmware privilege escalation flaw, tracked as CVE-2024-29748, reports The Hacker News.

No additional details regarding the exploitation of the zero-days but the GrapheneOS team said that forensic companies were behind the intrusions, with attacks leveraging CVE-2024-29748 noted to potentially result in the disruption of a device admin API-stemming factory reset process.

"Forensic companies are rebooting devices in After First Unlock state into fastboot mode on Pixels and other devices to exploit vulnerabilities there and then dump memory," said GrapheneOS in a series of posts on X, formerly Twitter.

Such a development follows the GrapheneOS team's disclosure of forensic firms' abuse of Google Pixel and Samsung Galaxy firmware flaws to facilitate data exfiltration and cyberespionage activities earlier this year that was accompanied by a call for the introduction of an auto-reboot functionality to curb exploitation.

An In-Depth Guide to Application Security

Get essential knowledge and practical strategies to fortify your applications.

You can skip this ad in 5 seconds