
Tanium comments on vital Android update

June 2022 by Tanium

The Express reported yesterday that anyone using an Android device needs to make sure it’s fully updated with the very latest version, as Google announced the release of an urgent update that fixes a total of 41 issues, some of them with a critical ranking, potentially allowing hackers to take complete control over a device and steal personal data. Chris Vaughan of Tanium shared his thoughts on this important announcement below.

Chris Vaughan, AVP - Technical Account Management, EMEA: “People must take this alert of updating their Android device to the very latest version very seriously to avoid the potential of hackers gaining complete control of devices and stealing personal data. The method in which hackers could exploit this vulnerability, remote code execution (RCE), is as bad as it gets - it can lead to information disclosure, high-level system compromise, and complete device takeover. Although there are no known exploits in the wild for the CVE-2022-20210 vulnerability, Android users should patch immediately.

Android is mostly used on mobile devices for both personal and business use – so attackers could potentially use RCE to obtain private and/or business data, including photos, credentials, or emails. If a phone is connected to a corporate network this device could be leveraged to gain access to other parts of the enterprise.

This type of attack is made more precarious by the fact that antivirus, endpoint detection and response tools don’t often extend to mobile phones and malicious behaviour on these devices may be out of view to most IT/security teams within organisations. We have seen recently that providers such as the NSO organisation have leveraged RCE to allow foreign states to spy on political organisations. An RCE in Android could provide similar access rights and be leveraged illicitly for nefarious means.

Organisations can protect themselves by ensuring that all corporate devices are enrolled in a mobile device management solution that can patch and audit these devices. For those that have a bring your own device program, limiting access to corporate email and assets without a fully patched handset would be the best approach.”

