In its latest round of security updates, Google has addressed critical vulnerabilities within the Android operating system, including a serious zero-day flaw that may have been leveraged in active attacks. The company released monthly patches aimed at rectifying issues that could potentially put user devices at risk.
The vulnerability, designated as CVE-2023-35674, is classified as high-severity and is linked to privilege escalation, primarily affecting the Android Framework. Google has indicated that there is evidence suggesting this flaw could be subject to targeted exploitation.
According to the Android Security Bulletin for September 2023, Google stated, “There are indications that CVE-2023-35674 may be under limited, targeted exploitation.” However, further details regarding the scope or nature of these attacks have not been disclosed.
In addition to CVE-2023-35674, the update addresses three other privilege escalation flaws within the Android Framework. One of them is particularly concerning: it could enable local privilege escalation without additional execution privileges or user interaction.
Google also reported fixing a critical security hole in the System component that poses a risk of remote code execution, notably without the need for victim interaction. The severity assessment is based on the potential impact of exploiting these vulnerabilities, particularly if device protections are disabled or bypassed.
Overall, a total of 14 vulnerabilities within the System module were patched, along with two identified weaknesses in the MediaProvider component; fixes for the latter will be distributed via a Google Play system update.
For business owners, understanding these vulnerabilities is crucial, in particular recognizing that privilege escalation tactics could have been employed during any exploitation attempts. These tactics may align with several techniques outlined in the MITRE ATT&CK framework, particularly those associated with initial access and persistence strategies.