Android Critical Vulnerability

Android Critical Vulnerability Lets attack Samsung, Huawei, Moto, Xiaomi and Pixel phones

Researchers at the Google Zero project have identified a critical zero-day vulnerability that affects at least 18 Android smartphone smartphones. The study shows that it is already in full use, gaining remote access to information on the phones of victims around the world.

An open exploit was attributed to the Israeli NSO group, but their representative later denied that they were involved in the software, developed or sold it. They stated:

“The identified exploit has nothing to do with us. Our job is to create a protective product for governments and private investigators that save lives. ”

The vulnerability has already been fixed in Android kernel versions 3.18, 4.14, 4.4, and 4.9 without CVE, but the latest OS versions are still not protected. Now, the following phone models remain vulnerable:

Pixel 1

Pixel 1 XL

Pixel 2

Pixel 2 XL

Huawei P20

Xiaomi Redmi 5A

Xiaomi Redmi Note 5

Xiaomi A1

Oppo a3

Moto Z3

Oreo LG phones

Samsung S7

Samsung s8

Samsung S9

Google found out that the attack can pass in two ways: either Chrome sandbox will be used, or hackers will try to persuade the user to install a fake application. A critical bug, if successfully used, can give a hacker full access to all the phone’s functions.

  • ru
  • en