Summary: Amnesty International revealed that Cellebrite’s mobile forensic tools exploited zero-day vulnerabilities to access a locked Android device of a Serbian student activist. The exploitation targeted essential Linux USB drivers, potentially affecting over a billion Android devices. This incident exemplifies the misuse of forensic technology by authorities and the urgent need for enhanced security measures by Android vendors to protect against such vulnerabilities.
Affected: Cellebrite, Android devices, Serbian security agencies
Keypoints :
- Amnesty International identified vulnerabilities in Linux USB drivers exploited by Cellebrite tools to bypass Android device security.
- Three vulnerabilities (CVE-2024-53104, CVE-2024-53197, CVE-2024-50302) were found, affecting many devices and resulting in root access for attackers.
- Cellebrite suspended its products’ use by Serbian customers, but evidence suggests widespread misuse of its forensic tools against civil society continues.