NJCCIC ADVISORY: August 7, 2024

Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for privilege escalation. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for privilege escalation.

Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full rights. Threat Intelligence: There are indications that CVE-2024-36971 may be under limited, targeted exploitation.
Systems Affected: Android OS patch levels prior to 2024-08-05

Risk
Government:
– Large and medium government entities: High
– Small government entities: Medium
Businesses:
– Large and medium business entities: High
– Small business entities: Medium
Home Users: Low

Recommendations
Apply appropriate patches provided by Google to vulnerable systems, immediately after appropriate testing.
Remind users not to visit untrusted websites or follow links provided by unknown or untrusted sources.
Inform and educate users regarding threats posed by hypertext links contained in emails or attachments, especially from untrusted sources.
Use capabilities to detect and block conditions that may lead to or be indicative of a software exploit occurring.

Reference: Google: Android Security Bulletin – August 2024

Reporting
The NJCCIC encourages recipients who discover signs of malicious cyber activity to contact the NJCCIC via the cyber incident report form at www.cyber.nj.gov/report.