CySecurity News – Latest Information Security and Hacking Incidents
Google has published updates for Android 10, 11, 12, and 12L which include Pixel security patches. The Android Security Bulletin for May offers information about security flaws could affect Android devices.
The Pixel Update Bulletin offers information about security flaws and functional enhancements for concerned Pixel devices. Google Pixel phones are “pure Android” devices. The two bulletins identify significant vulnerabilities as follows :
- CVE-2022-20120—Bootloader [Critical] The bootloader has a remote code execution (RCE) flaw. The bootloader on Android is a software program that loads the operating system every time users turn on the phone. It can only load software which has been signed by Google by default. If users unlock the bootloader, though, it will run whatever software you specify. The precise problem hasn’t been revealed yet, but based on the scale of access required to exploit it, it may be very serious.
- CVE-2022-20117— Titan-M[Critical] Titan M has an information disclosure (ID) flaw. Titan M is a security management chip designed specifically for Pixel phones to protect the most sensitive data and os version on the device. Titan M aids the bootloader in ensuring users running the correct Android version. . However, being able to steal data from the portion which is supposed to protect the most sensitive information does not look well.
-
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: