Google has recently published the Android security bulletin that includes information on more than 40 critical vulnerabilities. Most of them have the power to lead to a high-severity elevation of privilege within Android.
The first part of the update includes fixes for 20 critical vulnerabilities, where 15 lead to elevation of privilege. The most crucial one is the flaw within the Media Framework component. It can let any cyber-attackers execute arbitrary code for a vulnerable device.
The security vulnerability has been tracked as CVE-2021-0325, where the attackers need to supply a particular file to trigger the bug. Two more flaws of high severity have been named CVE-2021-0332 and CVE-2021-0335.