Multiple vulnerabilities have been discovered in Google products that could allow elevation of privilege and remote code execution in the context of the affected component. According to the MITRE ATT&CK framework, exploitation of these vulnerabilities can be categorized as follows:
Tactical: Elevation of privileges (TA0004):
Technical: Abuse Elevation Control Mechanism (T1548):
- Multiple vulnerabilities in Framework that could allow elevation of privilege. (CVE-2023-20971, CVE-2023-21351, CVE-2024-34731, CVE-2024-34734, CVE-2024-34735, CVE-2024-34737, CVE-2024-34738, CVE-2024-34739, CVE-2024-34740, CVE-2024-34741, CVE-2024-34743)
- A vulnerability in the kernel that could allow remote code execution. (CVE-2024-36971)
Additional lower severity vulnerabilities include:
- A vulnerability in Framework that could allow information disclosure. (CVE-2024-34736)
- A vulnerability in Framework that could allow a denial of service. (CVE-2024-34742)
- A vulnerability in the system that could allow information disclosure. (CVE-2024-34727)
- Multiple vulnerabilities in Arm components. (CVE-2024-2937, CVE-2024-4607)
- A vulnerability in MediaTek components. (CVE-2024-20082)
- Multiple vulnerabilities in Qualcomm components. (CVE-2024-21478, CVE-2024-23381, CVE-2024-23382, CVE-2024-23383, CVE-2024-23384, CVE-2024-33010, CVE-2024-33011, CVE-2024-33012, CVE-2024-33013, 24-33014, CVE-2024-33015, CVE-2024-33018, CVE-2024-33019, CVE-2024-33020, CVE-2024-33023, CVE-2024-33024, CVE-2024-33025, (CVE-2024-33026, CVE-2024-33027, CVE-2024-33028)
Successful exploitation of the most severe of these vulnerabilities could allow elevation of privilege and remote code execution. Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
