Google has rolled out monthly security patches for Android to address a number of flaws, including a zero-day bug that it said may have been exploited in the wild.
Tracked as CVE-2023-35674, the high-severity vulnerability is described as a case of privilege escalation impacting the Android Framework.
“There are indications that CVE-2023-35674 may be under limited, targeted exploitation,” the company said in its Android Security Bulletin for September 2023 without delving into additional specifics.
The update also addresses three other privilege escalation flaws in Framework, with the search giant noting that the most severe of these issues “could lead to local escalation of privilege with no additional execution privileges needed” sans any user interaction.
