OS 360 Security Bulletin Board

OS 360 is the Elo's way of securing your Elo Android devices from the emerging Android threats. OS 360 offers security updates and Android OS upgrades to ensure the Elo Android devices have a longer OS life and performs optimally throughout its lifecycle. Here you will find details on the latest updates for your Elo Android devices supported under OS 360.

Elo makes every effort to deliver bi-monthly security updates in a timely manner.

Please note, some updates may take longer than others if additional review and quality check is needed to ensure that the integrity of each Elo device is not compromised. Elo will do its best to align the releases with chipset vendors. In case Elo is not able to release an update for a specific month it will be integrated as part of the following release.

Month Severe Vulnerabilities Supported Devices
& OS Versions
October 2024 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
  2. Lead to remote code execution with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 6.000.016.00XX+p
AOSP: 6.000.016.00XX+ap
Value
GMS: 6.000.017.00XX+v
AOSP: 6.000.017.00XX+av
September 2024 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 6.000.015.0008+p
AOSP: 6.000.015.0008+ap
Value
GMS: 6.000.016.00XX+v
AOSP: 6.000.016.00XX+av
August 2024 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
  2. Lead to remote information disclosure with no additional execution privileges needed.
  3. Lead to remote code execution with System execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 6.000.014.0014+p
AOSP: 6.000.014.0014+ap
Value
GMS: 6.000.015.0001+v
AOSP: 6.000.015.0001+av
July 2024 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
  2. Lead to local escalation of privilege in the kernel with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 6.000.013.0045+p
AOSP: 6.000.013.0045+ap
Value
GMS: 6.000.014.0001+v
AOSP: 6.000.014.0001+av
June 2024 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
  2. Lead to local escalation of privilege in the kernel with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 6.000.012.0003+p
AOSP: 6.000.012.0003+ap
Value
GMS: 6.000.013.0040+v
AOSP: 6.000.013.0040+av
May 2024 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
  2. Lead to local escalation of privilege in the kernel with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 6.000.011.0011+p
AOSP: 6.000.011.0011+ap
Value
GMS: 6.000.012.0001+v
AOSP: 6.000.012.0001+av
April 2024 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 6.000.010.0030+p
AOSP: 6.000.010.0030+ap
Value
GMS: 6.000.011.0003+v
AOSP: 6.000.011.0003+av
March 2024 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
  2. Lead to remote code execution with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 6.000.009.0014+p
AOSP: 6.000.009.0014+ap
Value
GMS: 6.000.010.0027+v
AOSP: 6.000.010.0027+av
February 2024 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
  2. Lead to remote code execution with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 6.000.008.0007+p
AOSP: 6.000.008.0007+ap
Value
GMS: 6.000.009.0002+v
AOSP: 6.000.009.0002+av
January 2024 Android Security Bulletin The update addresses the
following vulnerabilities
and improvements:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 6.000.007.0065+p
AOSP: 6.000.007.0065+ap
Value
GMS: 6.000.008.0003+v
AOSP: 6.000.008.0003+av
Month Severe Vulnerabilities Supported Devices
& OS Versions
December 2023 Android Security Bulletin The update addresses the
following vulnerabilities
and improvements:
  1. Lead to remote escalation of privilege with no additional execution privileges needed.
  2. Lead to remote (proximal/adjacent) code execution with no additional execution privileges needed.
  3. Lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 6.000.006.0001+p
AOSP: 6.000.006.0001+ap
Value
GMS: 6.000.007.000X+v
AOSP: 6.000.007.000X+av
November 2023 Android Security Bulletin The update addresses the
following vulnerabilities
and improvements:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
  2. Lead to local information disclosure with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 6.000.005.0003+p
AOSP: 6.000.005.0003+ap
Value
GMS: 6.000.006.0002+v
AOSP: 6.000.006.0002+av
October 2023 Android Security Bulletin The update addresses the
following vulnerabilities
and improvements:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
  2. Lead to remote (proximal/adjacent) code execution with no additional execution privileges needed.
  3. Lead to exploitation without user interaction.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 6.000.004.0060+p
AOSP: 6.000.004.0060+ap
Value
GMS: 6.000.005.0003+v
AOSP: 6.000.005.0003+av
September 2023 Android Security Bulletin The update addresses the
following vulnerabilities
and improvements:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
  2. Lead to remote (proximal/adjacent) code execution with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 6.000.003.0004+p
AOSP: 6.000.003.0004+ap
Value
GMS: 6.000.004.0075+v
AOSP: 6.000.004.0075+av
August 2023 Android Security Bulletin The update addresses the
following vulnerabilities
and improvements:
  1. Lead to remote information disclosure with no additional execution privileges needed.
  2. Lead to remote code execution with no additional execution privileges needed.
  3. Lead to remote (proximal/adjacent) code execution with no additional execution privileges needed.
  4. Lead to local escalation of privilege with System execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 6.000.002.0012+p
AOSP: 6.000.002.0012+ap
Value
GMS: 6.000.003.0001+v
AOSP: 6.000.003.0001+av
July 2023 Android Security Bulletin The update addresses the
following vulnerabilities
and improvements:
  1. Allow possible elevation of privilege due to a confused deputy with no additional execution privileges needed. User interaction is not needed for exploitation.
  2. Lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
  3. Lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
  4. Local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 6.000.001.0040+p
AOSP: 6.000.001.0040+ap
Value
GMS: 6.000.001.0100+v
AOSP: 6.000.001.0100+av
June 2023 The update addresses the
following vulnerabilities
and improvements:
  1. Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.
  2. Memory corruption due to double free in core while initializing the encryption key.
  3. Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
  4. Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.
  5. Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
  6. Peripheral devices under Peripheral tab of EloView disappear after device reboot when powered by Power over Ethernet (PoE).
  7. Improves access to the latest ANR logs by making it easily available via TeamViewer or File Explorer and saving older logs.
  8. EloView display timer feature support for offline environments.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 5.000.027.0018+p
AOSP: 5.000.027.0018+ap
Value
GMS: 5.000.027.0007+v
AOSP: 5.000.027.0007+av
May 2023 The update addresses the
following vulnerabilities
and improvements:
  1. Mitigates the risk of executing arbitrary code on the device which could escalate privileges, cause a denial-of-service (DoS) condition or gain access to sensitive data.
  2. Resolves an issue that occurred during the first-time out-of-box experience when devices were connected to Ethernet.
  3. Improves access to the latest ANR logs by making it easily available via TeamViewer or File Explorer.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 5.000.026.0013+p
AOSP: 5.000.026.0013+ap
Value
GMS: 5.000.026.0007+v
AOSP: 5.000.026.0007+av
February 2023 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
  2. Lead to remote code execution with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 5.000.024.0021+p
AOSP: 5.000.024.0021+ap
Value
GMS: 5.000.025.0069+v
AOSP: 5.000.025.0069+av
January 2023 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
  2. Lead to local escalation of privilege of BLE with no additional execution privileges needed.
  3. Lead to remote code execution with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 5.000.023.0013+p
AOSP: 5.000.023.0013+ap
Value
GMS: 5.000.024.0001+v
AOSP: 5.000.024.0001+av
Month Severe Vulnerabilities Supported Devices
& OS Versions
December 2022 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local information disclosure with no additional execution privileges needed.
  2. Lead to remote code execution with no additional execution privileges needed.
  3. Lead to remote code execution over Bluetooth with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 5.000.022.0077+p
AOSP: 5.000.022.0077+ap
Value
GMS: 5.000.023.0001+v
AOSP: 5.000.023.0001+av
November 2022 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
  2. Lead to local denial of service with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 5.000.021.0014+p
AOSP: 5.000.021.0018+ap
Value
GMS: 5.000.021.0008+v
AOSP: 5.000.021.0008+av
October 2022 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
  2. Lead to local information disclosure with User execution privileges needed.
  3. Lead to local escalation of privilege with System execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 5.000.020.0001+p
AOSP: 5.000.020.0001+ap
Value
GMS: 5.000.020.0002+v
AOSP: 5.000.020.0002+av
September 2022 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
  2. Lead to local information disclosure of network data with no additional execution privileges needed.
  3. Lead to local escalation of privilege in system libraries with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 5.000.019.0062+p
AOSP: 5.000.019.0062+ap
Value
GMS: 5.000.019.0061+v
AOSP: 5.000.019.0061+av
August 2022 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
  2. Lead to remote information disclosure with no additional execution privileges needed.
  3. Lead to local escalation of privileges with User execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 5.000.018.0001+p
AOSP: 5.000.018.0001+ap
Value
GMS: 5.000.019.00061+v
AOSP: 5.000.019.00061+av
July 2022 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local information disclosure with no additional execution privileges needed.
  2. Lead to remote code execution with no additional execution privileges needed.
  3. Lead to local escalation of privilege with User execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 5.000.017.0001+p
AOSP: 5.000.017.0001+ap
Value
GMS: 5.000.018.0005+v
AOSP: 5.000.018.0005+av
June 2022 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with User execution privileges needed.
  2. Lead to remote code execution with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 5.000.016.0001+p
AOSP: 5.000.016.0001+ap
Value
GMS: 5.000.017.0005+v
AOSP: 5.000.017.0005+av
May 2022 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with User execution privileges needed.
  2. Lead to local escalation of privilege with no additional execution privileges needed.
  3. Lead to local escalation of privilege in system libraries with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS:5.000.015.0001+p
AOSP: 5.000.015.0001+ap
Value
GMS: 5.000.016.0091+v
AOSP: 5.000.016.0091+av
April 2022 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with no additional execution privileges needed.
  2. Lead to remote information disclosure with no additional execution privileges needed.
  3. Lead to local escalation of privilege from the Guest account with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS:5.000.014.0001+p
AOSP: 5.000.014.0001+ap
Value
GMS: 5.000.015.0004+v
AOSP: 5.000.015.0004+av
March 2022 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with System execution privileges needed.
  2. Lead to local escalation of privilege with User execution privileges needed.
  3. Lead to remote information disclosure with no additional execution privileges needed.
  4. Lead to remote escalation of privilege with no additional execution privileges needed.
  5. Lead to local escalation of privilege with no additional execution privileges needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 5.000.013.0037+p
AOSP: 5.000.013.0037+ap
Value
GMS: 5.000.014.0011+v
AOSP: 5.000.014.0011+av
February 2022 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
  2. Lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
  3. Lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 5.000.012.0008+p
AOSP: 5.000.012.0008+ap
Value
GMS: 5.000.012.0001+v
AOSP: 5.000.012.0001+av
January 2022 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Enable a local malicious application to bypass user interaction requirements in order to gain access to additional permissions.
  2. Lead to remote escalation of privilege with no additional execution privileges or user interaction needed.
  3. Enable a local privileged attacker to install existing packages without requiring user consent.
  4. Enable a local attacker to bypass memory restrictions in order to gain access to additional permissions.
  5. Lead to a local escalation of privilege due to a race condition, with no additional execution privileges or user interaction needed.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 5.000.011.0005+p
AOSP: 5.000.011.0005+ap
Value
GMS: 5.000.011.0013+v
AOSP: 5.000.011.0013+av
Month Severe Vulnerabilities Supported Devices
& OS Versions
December 2021 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Lead to memory corruption by a local attacker, with no privileges or user interaction required.
  2. Lead to remote information disclosure with no additional execution privileges needed.
  3. Enable a remote attacker to execute arbitrary code within the context of a privileged process.
  4. Lead to remote information disclosure with no additional execution privileges needed.
  5. Lead to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user.
Supported Devices
I-Series 4, Backpack 4, M50, M50C, M60, M60C

OS Versions
Standard
GMS: 5.000.010.0019+p
AOSP: 5.000.010.0019+ap
Value
GMS: 5.000.011.0013+v
AOSP: 5.000.011.0013+av
November 2021 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Enable a local attacker to gain access to additional permissions with no user interaction required.
  2. Enable a local malicious application to bypass user interaction requirements in order to gain access to additional permissions.
  3. Enable a remote attacker using a specially crafted transmission to execute arbitrary code within the context of a privileged process.
Supported Devices
I-Series 4, Backpack 4, M50, M50C

OS Versions
Standard
GMS: 5.000.009.0013+p
AOSP: 5.000.009.0013+ap
Value
GMS: 5.000.010.0096+v
AOSP: 5.000.010.0096+av
October 2021 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Enable a local malicious application to execute arbitrary code within the context of a privileged process.
  2. Enable a local attacker with physical access to the device to execute arbitrary code in order to gain access to additional permissions.
Supported Devices
I-Series 4, Backpack 4, M50, M50C

OS Versions
Standard
GMS: 5.000.008.0007+p
AOSP: 5.000.008.0005+ap
Value
GMS: 5.000.009.0011+v
AOSP: 5.000.009.0011+av
September 2021 Android Security Bulletin The most severe vulnerability
for this month could:
  1. Enable a remote attacker using a specially crafted file to cause a permanent denial of service.
  2. Enable a local malicious application to bypass operating system protections that isolate application data from other applications.
Supported Devices
I-Series 4, Backpack 4, M50, M50C

OS Versions
Standard
GMS: 5.000.007.0001+p
AOSP: 5.000.007.0001+ap
Value
GMS: 5.000.008.0010+v
AOSP: 5.000.008.0010+av