Google fixes two Android Zero Day bugs that hackers actively exploited

On Monday, Google released an update for Android. This fixed two zero-day flaws “may be under restricted, targeted exploitation.” This means that Google knows that hackers are using a bug to compromise their Android device in real scenarios.

One of the two zero-days tracked as CVE-2024-53197 was identified by Amnesty International in collaboration with Benoît Sevens, a security team at Google’s Threat Analysis Group, a government-sponsored cyberattacks tracking.

In February, Amnesty said it discovered Cellebrite, a company that unlocks its phone and sells its devices to law enforcement, was using three 0-day chains of vulnerabilities to hack it into Android phones.

In this case, Amnesty discovered the vulnerability, including one patched on Monday, and was being used by local authorities armed with Serbrite by Serbrite.

However, there is not much information about the second vulnerability, CVE-2024-53150. This is a credit to Google’s Seven for its discovery, and it patched on Monday, except for the fact that the flaw was found in the kernel, the core of the operating system.

Google did not immediately respond to requests for comment.

Amnesty spokesman Hajira Mariam said the nonprofit had nothing to share at this point.

“The most serious of these issues are critical security vulnerabilities in system components that can lead to remote escalation of privileges without requiring additional execution privileges,” Tech Giant said in the advisory.

Google pushed two fixed zero-day source code patches within 48 hours of the advisory, while also noting that Android partners “were notified of all issues at least one month prior to publication.”

Given the open source nature of Android, every phone maker needs to push the patch out on their users.

This story has been updated to include Amnesty’s response.