Android vulnerability affecting some Huawei, Pixel and Samsung phones

Google's Project Zero team revealed that an Android vulnerability seems to have been exploited in the real world and it affects some phones models.

The same bug was previously patched in December 2017, but it re-appeared in subsequent Android versions.

The full list of devices affected by are the Pixel 1/1 XL, Pixel 2/2 XL, Huawei P20, Xiaomi Redmi 5A, Xiaomi Redmi Note 5, Xiaomi A1, Oppo A3, Moto Z3, Android Oreo LG phones, Samsung Galaxy S7, S8 and S9.

An Android spokesperson shared that an attacker would either need to get the user to install a malicious app or pair the attack with a second exploit via a programme like a web browser, to achieve a "full compromise" of the device.

[[nid:382781]]

Google's Threat Analysis Group stated that the Android vulnerability may have been used or sold by the Israeli-based spyware vendor NSO Group.

A patch is now available on the Android Common Kernel and Android partners have been informed. For Pixel 1 and 2 devices, Google said that they will be receiving the patch as part of the October update.

This article was first published in Hardware Zone.