Summary: Serbian authorities used a zero-day exploit chain by Cellebrite to unlock a student activist’s device and install spyware. The incident has raised concerns over privacy rights and prompted Cellebrite to restrict access to its tools for Serbian security services. Meanwhile, the vulnerabilities identified in the Android kernel remain partially unaddressed, posing ongoing risks.
Affected: Serbian authorities, Cellebrite, Android devices
Keypoints:
- Amnesty International discovered the exploit during forensic research on the compromised device.
- Cellebrite’s tools were used to bypass security measures, leading to a privacy rights violation case in Serbia.
- Three vulnerabilities in the Linux kernel USB drivers were identified as exploited zero-days, with one already patched.
- USB exploits abuse system vulnerabilities to gain unauthorized access, which highlights the risk posed by physical access to a device.
- General mitigations for users include disabling USB debugging and enabling Full Disk Encryption.