CVE-2024-32896

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 3, 2026 6 articles

VulnLookup ↗ NVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24

0.19%

probability

This CVE has a 0.19% probability of being exploited in the next 30 days.

0% Top 40.8th percentile of all CVEs 100%

CVSS score unavailable

Neither CIRCL nor NVD returned a CVSS score for this CVE. View on VulnerabilityLookup ↗

Attack Intelligence

CWE-670 · Always-Incorrect Control Flow Implementation CWE-691 CWE-783 · Operator Precedence Logic Error

Google Project Zero

Patched

June 11, 2024

Reported by

???

Root Cause Analysis

???

Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day

TheHackerNews

Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System

TheHackerNews

Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products

TheHackerNews

Google Patches New Android Kernel Vulnerability Exploited in the Wild

TheHackerNews

Google patches exploited Android zero-day on Pixel devices

BleepingComputer Jun 12, 2024

Google fixes Android kernel zero-day exploited in targeted attacks

BleepingComputer Aug 05, 2024

Signal Intelligence

Confidenceⓘ

87%

EPSS 0.19%

Mentions 6

Last Seen Aug 05, 2024

CNA Information

Analyst Note

CVE-2024-32896 demonstrates strong indicators of active exploitation with coverage from reputable security sources (BleepingComputer) confirming real-world attacks on Android devices. The inclusion in Google Project Zero and a HIGH CVSS score (8.1) combined with evidence of targeted exploitation justifies high confidence in the confirmed status.

Threat Actors 3

RomCom

apt_group Financial gain 🇷🇺 RU

Void Rabisu

apt_group Financial gain 🇷🇺 RU

Red Dev 17

apt_group 🇨🇳 CN

Triage Info

Decided atMar 03, 2026