Android 0-Day Seen Exploited in the Wild

The local privilege escalation vulnerability affects Pixel, Samsung, Huawei, Xiaomi, and other devices.

Researchers with Googles Project Zero have disclosed a zero-day local privilege escalation vulnerability in its Android mobile operating system that could let an attacker assume control of affected devices. Evidence shows the bug is being exploited in the wild, they report.
Hundreds of millions of Android phones are vulnerable to CVE-2019-2215 given a patch has not yet been released. Models include the Google Pixel 2 running Android 9 and 10 preview; the Huawei P20, Xiaomi Redmi 5A, Xiaomi Redmi Note 5, Xiaomi A1, Oppo A3, Moto Z3, and Oreo LG phones; and the Samsung S7, S8, and S9 running 8.x releases. Pixel 3 and 3a are not affected.
This issue was patched in December 2017 on earlier Android versions, said Project Zero researcher Maddie Stone in a blog post, but source code review indicates newer versions are vulnerable.
The use-after-free vulnerability is considered a high-severity bug on Android, Googles Tim Willis also wrote. By itself, it requires the target to download a malicious application for potential exploitation. An attacker would have to chain this bug with an additional exploit to remotely infect and control a target device through the Web browser or another attack vector.
The bug is a local privilege escalation vulnerability that allows for a full compromise of a vulnerable device, Stone explained. If the exploit is delivered via the Web, it only needs to be paired with a renderer exploit, as this vulnerability is accessible through the sandbox.
Data from the Technical Analysis Group and third parties indicate an Android exploit can be attributed to Israels NSO Group, which in the past has been known to develop and sell exploits to governments. In February, an exploit seemingly part of NSO Groups Pegasus spyware program
was used to
install surveillance software onto target mobile phones via WhatsApp.
Willis says Pixel 1 and 2 devices will be receiving fixes for this bug in the October update. Android partners have been notified and a patch is available on the Android Common Kernel.
Read more details
here
.
Check out
The Edge
, Dark Readings new section for features, threat data, and in-depth perspectives. Todays top story:
How the City of Angels Is Tackling Cyber Devilry
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Android 0-Day Seen Exploited in the Wild