June Updates for Android Fixed RCE Bug and Vulnerability in UNISOC

June updates for Android
Written by Emma Davis

Google developers have released June security updates for Android versions 10, 11 and 12. In total, the company has fixed 41 vulnerabilities in the mobile OS, five of which are recognized as critical.

Updates are traditionally divided into two levels: June 1st and 5th. The first level contains fixes for the Android system and framework components, while the second level includes updates to the core and closed source components from third parties.

Let me remind you that we also talked about the fact that Bugs in MediaTek chips allow tracking users of 37% of smartphones in the world.

Of the five critical vulnerabilities fixed this month, the bug CVE-2022-20210 stands out, which allows remote arbitrary code execution and can be exploited by attackers without any prior preparations. This issue affects Android 10, 11, 12 and 12L.

The other two first-level patches address vulnerabilities CVE-2022-20140 (affects Android 12 and 12L) and CVE-2022-20145 (affects Android 11). They are both recognized as critical and allow privilege escalation.

The fourth critical vulnerability addressed by the June 1, 2022 patch level was CVE-2022-20130 related to the Media Codecs component. The vulnerability could lead to remote arbitrary code execution and poses a threat to devices running Android 10 and later.

The fifth critical fix only affects Unisoc chipsets, so it is available at the second level from June 5, 2022. This vulnerability, which received the identifier CVE-2022-20210, was discovered by researchers from Check Point, who reported that the bug allows to block the device from connecting to cellular networks using a malicious package.

The smartphone modem is a prime target for hackers as it can be easily reached remotely through SMS or radio packet. If the vulnerability is not fixed, a hacker or military unit could use it to disrupt communications. The vulnerability is in the firmware of the modem, not in the Android OS.the Israeli company Check Point said in a report.

It is worth noting that Unisoc accounts for about 11% of the Android market (especially in Africa and Asia) and is mostly low-end or rugged devices used by the military.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

Leave a Reply

Sending