• About
  • Advertise
  • Careers
  • Contact
Friday, March 31, 2023
No Result
View All Result
NEWSLETTER
Cyber360 News
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
No Result
View All Result
Cyber360 News
No Result
View All Result
Home Cyber Attacks

New 0-Day Flaw Affecting Most Android Phones Being Exploited in the Wild

by Cyber360 News
November 11, 2019
in Cyber Attacks
0
New 0-Day Flaw Affecting Most Android Phones Being Exploited in the Wild
0
SHARES
1
VIEWS
Share on FacebookShare on Twitter
android vulnerability

Another day, another revelation of a critical unpatched zero-day vulnerability, this time in the world’s most widely used mobile operating system, Android.

What’s more? The Android zero-day vulnerability has also been found to be exploited in the wild by the Israeli surveillance vendor NSO Group—infamous for selling zero-day exploits to governments—or one of its customers, to gain control of their targets’ Android devices.

Discovered by Project Zero researcher Maddie Stone, the details and a proof-of-concept exploit for the high-severity security vulnerability, tracked as CVE-2019-2215, has been made public today—just seven days after reporting it to the Android security team.

The zero-day is a use-after-free vulnerability in the Android kernel’s binder driver that can allow a local privileged attacker or an app to escalate their privileges to gain root access to a vulnerable device and potentially take full remote control of the device.

Vulnerable Android Devices

The vulnerability resides in versions of Android kernel released before April last year, a patch for which was included in the 4.14 LTS Linux kernel released in December 2017 but was only incorporated in AOSP Android kernel versions 3.18, 4.4 and 4.9.

Therefore, most Android devices manufactured and sold by a majority of vendors with the unpatched kernel are still vulnerable to this vulnerability even after having the latest Android updates, including below-listed popular smartphone models :

  • Pixel 1
  • Pixel 1 XL
  • Pixel 2
  • Pixel 2 XL
  • Huawei P20
  • Xiaomi Redmi 5A
  • Xiaomi Redmi Note 5
  • Xiaomi A1
  • Oppo A3
  • Moto Z3
  • Oreo LG phones
  • Samsung S7
  • Samsung S8
  • Samsung S9

To be noted, Pixel 3, 3 XL, and 3a devices running the latest Android kernels are not vulnerable to the issue.

Android Flaw Can Be Exploited Remotely

According to the researcher, since the issue is “accessible from inside the Chrome sandbox,” the Android kernel zero-day vulnerability can also be exploited remotely by combining it with a separate Chrome rendering flaw.

“The bug is a local privilege escalation vulnerability that allows for a full compromise of a vulnerable device. If the exploit is delivered via the Web, it only needs to be paired with a renderer exploit, as this vulnerability is accessible through the sandbox,” Stone says in the Chromium blog.

“I’ve attached a local exploit proof-of-concept to demonstrate how this bug can be used to gain arbitrary kernel read/write when running locally. It only requires the untrusted app code execution to exploit CVE-2019-2215. I’ve also attached a screenshot (success.png) of the POC running on a Pixel 2, running Android 10 with security patch level September 2019.”

Patches to be Made Available Soon

Though Google will release a patch for this vulnerability in its October’s Android Security Bulletin in the coming days and also notified OEMs, most affected devices would not likely receive the patch immediately, unlike Google Pixel 1 and 2.

Web Application Firewall

“This issue is rated as High severity on Android and by itself requires installation of a malicious application for potential exploitation. Any other vectors, such as via web browser, require chaining with an additional exploit,” the Android security team said in a statement.

“We have notified Android partners, and the patch is available on the Android Common Kernel. Pixel 3 and 3a devices are not vulnerable while Pixel 1 and 2 devices will be receiving updates for this issue as part of the October update.”

Google’s Project Zero division usually gives software developers a 90-day deadline to fix the issue in their affected products before going public with the details and PoC exploits, but in case of active exploits, the team goes public after seven days of privately being reported.

What’s your take? Although this vulnerability is severe and can be used to gain root access to an Android device, users need not worry that much as the exploitation of such issues is mostly limited to targeted attack scenarios.

Nevertheless, it’s always a good idea to avoid downloading and installing apps from third-party app stores and any unnecessary apps, even from the Google Play Store.

Cyber360 News

Cyber360 News

Next Post
A Look Into Continuous Efforts By Chinese Hackers to Target Foreign Governments

A Look Into Continuous Efforts By Chinese Hackers to Target Foreign Governments

Recent Posts

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

October 6, 2021
Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

October 1, 2021
Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

October 1, 2021

Whats New in Kali Linux?

September 14, 2021

Kali Linux 2019.3 Release (CloudFlare, Kali-status, metapackages, Helper-Scripts & LXD)

September 14, 2021

Kali Linux 2021.3 Release (OpenSSL, Kali-Tools, Kali Live VM Support, Kali NetHunter Smartwatch)

September 14, 2021

Kali Linux 2018.4 Release

September 14, 2021

Kali Linux 1.0.5 and Software Defined Radio

September 14, 2021

Kali Tools Website Launched, 1.0.9 Release

September 14, 2021

Kali Linux Dojo at Black Hat Vegas 2016

September 14, 2021

Category

Site Links

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

© 2019 Cyber360 News - Powered by WebSensePro

No Result
View All Result
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us

© 2019 Cyber360 News - Powered by WebSensePro

Login to your account below

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In