| This Multi-State Information Sharing and Analysis Center (MS-ISAC) Advisory is being provided to assist agencies, organizations, and individuals in guarding against the persistent malicious actions of cybercriminals. |
| Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for privilege escalation. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for privilege escalation in the context of the affected component. Depending on the privileges associated with the exploited component, threat actors could then install programs; view, change, or delete data; or create new accounts with full rights. |
| Threat Intelligence There are indications that CVE-2024-53104 may be under limited, targeted exploitation. |
| Systems Affected |
| Android OS patch levels prior to 2025-02-05 |
| Risk Government: – Large and medium government entities: High – Small government entities: Medium |
| Businesses: – Large and medium business entities: High – Small business entities: Medium |
| Home Users: Low |
| Recommendations |
| Apply appropriate mitigations provided by Google to vulnerable systems immediately after appropriate testing. Use capabilities to detect and block conditions that may lead to or be indicative of a software exploit occurring. Restrict execution of code to a virtual environment on or in transit to an endpoint system. |
| Reference Android: https://source.android.com/docs/security/bulletin/2025-02-01 |
| Reporting The NJCCIC encourages recipients who discover signs of malicious cyber activity to contact the NJCCIC via the cyber incident report form at www.cyber.nj.gov/report. |