Google recently disclosed two critical vulnerabilities (CVE-2024-29745 and CVE-2024-29748) affecting Pixel smartphones that are being actively exploited by forensic companies. These zero-day flaws, which haven’t yet been patched, could potentially allow unauthorised access to user data.


The news comes more than two months after a similar disclosure by the GrapheneOS team, which revealed that forensic firms were using firmware vulnerabilities to extract data from Pixel and Samsung Galaxy devices, even when the phones were switched off.

About this vulnerabilityies the maintainers of GrapheneOS said they “are being actively exploited in the wild by forensic companies”:

“Forensic companies are rebooting devices in After First Unlock state into fastboot mode on Pixels and other devices to exploit vulnerabilities there and then dump memory.”

While acknowledging the existence of these exploits, Google downplayed the widespread risk, saying there was only evidence of “limited, targeted exploitation”. But that shouldn’t diminish the seriousness of the situation.

What this means for Pixel users

Pixel users should be cautious, especially if they think they might be involved in forensics analysis. While the details of the exploit remain unknown, it’s advisable to keep up to date with Google’s upcoming security patches and prioritise installing them as soon as they become available.