This Multi-State Information Sharing and Analysis Center (MS-ISAC) Advisory is being provided to assist individuals, agencies, and organizations in guarding against the persistent malicious actions of cybercriminals.

Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for privilege escalation. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for privilege escalation. Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full rights.

Threat Intelligence
There are indications that CVE-2024-36971 may be under limited, targeted exploitation.

Systems Affected

• Android OS patch levels prior to 2024-08-05

Risk
Government:
– Large and medium government entities: High
– Small government entities: Medium

Businesses:
– Large and medium business entities: High
– Small business entities: Medium

Home Users: Low

Recommendations

• Apply appropriate patches provided by Google to vulnerable systems, immediately after appropriate testing.
• Remind users not to visit untrusted websites or follow links provided by unknown or untrusted sources.
• Inform and educate users regarding threats posed by hypertext links contained in emails or attachments, especially from untrusted sources.
• Use capabilities to detect and block conditions that may lead to or be indicative of a software exploit occurring.