Critical Vulnerabilities in Android Operating System

Published on 08 Jun 2023

Google has released security updates to address multiple critical vulnerabilities (CVE-2023-21127, CVE-2023-21108, CVE-2023-21130, CVE-2022-33257, CVE-2022-40529) for devices running Android versions 11, 12, and 13.

Successful exploitation of these vulnerabilities could allow an attacker to perform remote code execution without any user interaction and with no additional execution privileges required.

Users of affected product versions are advised to upgrade to the latest versions immediately by going to Settings > System > System Update and selecting the "Check for updates" button. Alternatively, the device can be updated at Settings > Security & Privacy > Updates > Security Update.

For devices running Android versions 10 and older, which have reached End of Life (EoL), users are advised to check for important security fixes via the Google Play system updates by going to Settings > Security & privacy > Updates > Google Play system update.
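For administrators who need to confirm the result of the steps above on a device attached over adb, the following added example (not part of the original advisory) classifies a device by its Android release and security patch level. The function names and the `REQUIRED_PATCH` default, which is taken from the date in the bulletin URL below, are assumptions of this example; the bulletin states which patch level covers each CVE, so pass a later level as the third argument where it applies.

```shell
#!/bin/sh
# Added example: decide whether a device still needs the update described
# in this advisory. Function names are hypothetical, chosen for this example.

# Assumption: minimum patch level taken from the bulletin date (2023-06-01).
REQUIRED_PATCH="${REQUIRED_PATCH:-2023-06-01}"

# classify_device <android_release> <security_patch YYYY-MM-DD> [required_patch]
# Prints one of: PATCHED, UPDATE_REQUIRED, EOL, UNKNOWN
classify_device() {
    release="$1"; patch="$2"; required="${3:-$REQUIRED_PATCH}"

    # Reject anything that is not an ISO date, e.g. an empty adb reply.
    case "$patch" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo "UNKNOWN"; return 0 ;;
    esac

    # "8.1.0" -> "8"; the release must start with a numeric major version.
    major="${release%%.*}"
    case "$major" in
        ''|*[!0-9]*) echo "UNKNOWN"; return 0 ;;
    esac

    # Android 10 and older are End of Life: no platform patch is coming,
    # so the advisory points these users at Google Play system updates.
    if [ "$major" -le 10 ]; then echo "EOL"; return 0; fi

    # ISO dates order correctly as integers once the dashes are removed.
    p=$(printf '%s' "$patch" | tr -d '-')
    r=$(printf '%s' "$required" | tr -d '-')
    if [ "$p" -ge "$r" ]; then echo "PATCHED"; else echo "UPDATE_REQUIRED"; fi
}

# Reads both values from a connected device (assumes adb is installed and
# USB debugging is authorised). adb output may end in CR, hence the tr.
check_connected_device() {
    release=$(adb shell getprop ro.build.version.release | tr -d '\r')
    patch=$(adb shell getprop ro.build.version.security_patch | tr -d '\r')
    classify_device "$release" "$patch"
}
```

Call `check_connected_device` with a device attached, or pass inventory values directly to `classify_device` when the release and patch level come from an MDM export.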

More information is available here:
https://source.android.com/docs/security/bulletin/2023-06-01
https://www.bleepingcomputer.com/news/security/android-security-update-fixes-mali-gpu-flaw-exploited-by-spyware/