The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert for a newly discovered zero-day vulnerability in the Android Runtime component.
This “use-after-free” flaw could allow attackers to escape the Chrome sandbox and elevate privileges on an affected device.
CISA warns that the vulnerability is under active exploitation and urges organizations and users to apply mitigations without delay.
https://gbhackers.com/cisa-issues-alert ... erability/