Multiple vulnerabilities have been discovered in Google Android OS (CVE-2023-26083, CVE-2021-29256, and CVE-2023-2136), the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for privilege escalation.
Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full rights.
Systems affected: Android OS patch levels prior to 2023-07-05
What You Should Do
Apply appropriate patches provided by Google to vulnerable systems, immediately after appropriate testing. As a reminder, do not open links or visit untrusted websites. If you have questions or need assistance, contact a member of the BMT team.