Security
Headlines
HeadlinesLatestCVEs

Headline

Android Serves Up a Slew of Security Updates, 4 Critical

Out of more than 80 flaws fixed this month, the most critical was a system component bug that could allow RCE over Bluetooth.

DARKReading
#vulnerability#android#google#rce

Android’s Framework, Kernel, and Google Play were among components that received security updates this month, but the most severe was a critical bug in the System component that, if exploited, could allow remote code execution (RCE) over Bluetooth, without any escalation privileges required.

In addition to the System vulnerability, tracked under CVE-2022-20411, there are three additional critical flaws addressed by Android this month, including an ID bug in the System component (CVE-2022-20498) and two critical RCE bugs in the Framework component (CVE-2022, 20472 and CVE-2022-20473).

In total, the Android security update addressed more than 80 vulnerabilities.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Related news

CVE-2021-46868: January

The HW_KEYMASTER module has a problem in releasing memory.Successful exploitation of this vulnerability may result in out-of-bounds memory access.

CVE-2021-0934: Android Security Bulletin—December 2022  |  Android Open Source Project

In findAllDeAccounts of AccountsDb.java, there is a possible denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-169762606

Update now! Google patches Android vulnerability that allows remote code execution over Bluetooth

Categories: Android Categories: Exploits and vulnerabilities Categories: News Google has issued its December round of patches, which includes a fix for a critical vulnerability that allows RCE over Bluetooth (Read more...) The post Update now! Google patches Android vulnerability that allows remote code execution over Bluetooth appeared first on Malwarebytes Labs.

DARKReading: Latest News

Non-Human Identities Gain Momentum, Requires Both Management, Security