Critical Incidents
CISA Adds Two Android Pixel Vulnerabilities to Catalog
CISA added two Android Pixel vulnerabilities, CVE-2024-29745 (information disclosure) and CVE-2024-29748 (privilege escalation), to its Known Exploited Vulnerabilities Catalog. Prompt remediation is urged to protect against active exploitation.
The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities Catalog, highlighting two critical vulnerabilities affecting Android Pixel devices.
These vulnerabilities, identified as CVE-2024-29745 and CVE-2024-29748, have been added to the catalogue due to evidence of active exploitation.
CVE-2024-29745: There is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-29748: There is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2024-29745 affects Android Pixel devices and presents an Information Disclosure risk stemming from uninitialized data.
This flaw could allow a local attacker to read information without requiring additional execution privileges or user interaction, posing a significant threat to device security and user privacy.
On the other hand, CVE-2024-29748 exposes a Privilege Escalation vulnerability in Android Pixel devices. This flaw arises from a logic error in the code, providing a potential route for attackers to escalate their privileges locally without needing additional execution privileges.
Unlike the previous vulnerability, exploitation of this flaw does require user interaction, but it still represents a substantial risk to device security.
Such vulnerabilities serve as prime targets for malicious cyber actors seeking to compromise systems and networks. Exploitation of these flaws could lead to data breaches, unauthorised access, and other detrimental consequences, particularly within the federal enterprise.
In response to the growing threat landscape, the Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities was established.
This directive mandates Federal Civilian Executive Branch (FCEB) agencies to promptly remediate identified vulnerabilities listed in the Known Exploited Vulnerabilities Catalog to safeguard FCEB networks against active threats.
While BOD 22-01 specifically applies to FCEB agencies, CISA strongly advises all organisations to prioritise the timely remediation of vulnerabilities listed in the catalogue as part of their broader vulnerability management practices.
By addressing these vulnerabilities promptly, organisations can significantly reduce their exposure to cyberattacks and enhance their overall cybersecurity posture.
It's essential for organisations to stay vigilant and proactive in addressing known vulnerabilities, as CISA will continue to update the catalogue with newly identified threats that meet specified criteria.
By staying informed and taking decisive action, organisations can better protect themselves against evolving cyber threats and mitigate potential risks to their systems and data.