The 23-year-old Serbian youth activist had his Android phone, aimed at zero day, developed Cellebrite to unlock the device, according to Amnesty International report.
“Phone Android One Student Seceter has been used and unlocked by a sophisticated zero day operation oriented – NoteThe addition of traces of operation was found in a separate case in mid -2014.
Vulnerability in question Cve-2024-53104 (CVSS assessment: 7.8), the case of escalation of privileges in the kernel component known as the USB Video Class (UVC) driver. The lack of the lack was considered in the Linux kernel in December 2024. The Android was then considered earlier this month.
It is believed that the CVE-2024-53104 is combined with two other deficiencies-Cve-2024-53197 and Cve-2014-50302-Booms were resolved in the Linux kernel. They still have to be included in the Android security newsletter.
- Cve-2024-53197 (Evaluation CVSS: N/A) -The performance to devices for Entigy and MBOX
- Cve-2024-5022 (CVSS assessment: 5.5) – Use non -internationalized vulnerability of resources that can be used for a kernel memory leakage
“The expluent that is aimed at USB -Drivers Linux has allowed Cellebrite customers to physical access to the blocked Android -device to get around the Android phone lock screen and get privileged access to the device,” Amnesty said.
“In this case, it is emphasized how the attackers in the real world operate the Android USB Attack surface, using a wide range of elderly USB kernel drivers that are supported in Linux kernels.”
The activist, who was named “Vedran” to protect his privacy, was taken to the police and his phone was confiscated on December 25, 2024 after he attended a student protest in Belgrade.
Analysis Amnesty showed that Exploit was used to unlock its Samsung Galaxy A32 and that the authorities tried to install an unknown Android app. While the exact nature of the Android app remains unclear, Modus Operandi corresponds to the previous Spysware Novispy Infections were reported in mid -December 2024.
Earlier this week Cellebrite – Note Its tools are not designed to facilitate any type of offensive cyber -activity, and that it is actively working to reduce its technology abuse.
The Israeli company also stated that Serbia would no longer use its software, stating that “it was appropriate for us to stop using our products with appropriate customers at this time.”
