Google Warns of Active Exploitation of Pixel Firmware Zero-Day Vulnerability
Marketing · 2024-09-01

Google Warns of Active Exploitation of Pixel Firmware Zero-Day Vulnerability

Google has warned about the active exploitation of a high-severity vulnerability in the firmware of its Pixel smartphones. 

The zero-day flaw tracked as CVE-2024-32896 is an elevation of privilege issue that could allow attackers to gain elevated system privileges on affected devices.

The disclosure comes as part of Google's June 2024 security updates, which addressed 50 vulnerabilities across various components of the Pixel ecosystem. Among these, five vulnerabilities impacted Qualcomm chipsets, while others affected critical components such as the modem, trusty, and ACPM.

While Google has not shared more details about the attacks exploiting the zero-day vulnerability, the company has acknowledged that there are "indications that CVE-2024-32896 may be under limited, targeted exploitation." 

The vulnerability, which resides in the Pixel firmware, could potentially enable an attacker to escalate their privileges on a compromised device, granting them access to sensitive data and system resources. Google has urged Pixel users to promptly apply the June 2024 security updates, which address the zero-day vulnerability along with the other reported issues.

The June 2024 updates are available for a wide range of supported Pixel devices, including the Pixel 5a with 5G, Pixel 6a, Pixel 6, Pixel 6 Pro, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel 8, Pixel 8 Pro, Pixel 8a, and the recently released Pixel Fold. 

Users can install the updates by navigating to Settings > Security & privacy > System & updates > Security update, and then tapping "Install" followed by restarting their device.

This is not the first time Google has grappled with actively exploited vulnerabilities in its Pixel ecosystem. Earlier in April, the tech giant resolved two security flaws in the bootloader and firmware components (CVE-2024-29745 and CVE-2024-29748) that were being weaponized by forensic companies to gain unauthorized access to sensitive data on Pixel devices.

The revelation of an actively exploited zero-day vulnerability in the Pixel firmware comes just days after Arm, the leading chip designer, warned users of a memory-related vulnerability (CVE-2024-4610) in its Bifrost and Valhall GPU kernel drivers that had also come under active exploitation.

Popular articles
1spin4win grows its Latin American presence by partnering with Fortuna Juegos
Online Game
UK MPs reopen 2025 gambling inquiry as reform stalls
Regulation
Vietnam’s Controlled Gaming Shift Gains Ground, But Domestic Demand Still Lags
Southeast Asia
Indiana online casino bill stalls in House committee
Regulation
PropellerAds Positions Itself as a Go-To Traffic Source for iGaming Advertisers Ahead of a High-Demand Season
Marketing
B2B Tech Infrastructure Gains Momentum in Philippine Gaming Sector
Southeast Asia
GAT CDMX 2025 Institutional Academy: Leaders and Experts Analyze the Present and Future of the Gaming Industry in Mexico and Lat
Sports Game
That’s a Wrap: AffPapa Conference Madrid 2026 Highlights
Online Game
Global Game Connect (GGC) 2027 Officially Opens Sponsorship & Exhibition Opportunities in Sri Lanka!
HUIDU Focus
Institutional Academy that exceeded expectations marked the opening of GAT CDMX
Online Game
Kazakhstan plans to penalise online casino promotions
Regulation
GAT Expo CDMX 2026 Kicks Off Today in Mexico with a Sold-Out Opening Reception at Big Bola Casino Santa Fe
Marketing
Brazil Proposes Raising Gambling Tax Rate to 24%, With Revenue Allocated to Social Security and Healthcare
Regulation
SBC Summit Canada to Make Player Safety a Key Pillar of 2026 Agenda
Marketing
Super PAC Raises $48 Million: Sports Betting Forces Ramp Up Political Push
Regulation
Home
Game
Cooperation
Find
My