image credit: Pixabay

Google Patches Android Zero-Day Exploited in Targeted Attacks

November 2, 2021

The zero-day vulnerability is tracked as CVE-2021-1048 and Google says there is evidence that the flaw has been exploited in limited, targeted attacks. The internet giant described it as a use-after-free bug in the kernel that can be exploited for local privilege escalation.

No other information has been provided about the attacks exploiting CVE-2021-1048, but the targeted nature of the attacks suggests that they have been carried out by a state-sponsored threat group, likely for espionage purposes.

Read More on Security Week