• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Unpatched 0-Day Android Vulnerability

September 14, 2019 By Emil Hozan

Having been notified back in March, Google has yet to patch a 0-day vulnerability that allows for privilege escalation attacks. TrendMicro researchers in collaboration with the Zero Day Initiative went public on September 4th, 2019. In order to exploit this vulnerability, attackers must first obtain the ability to execute high-privileged code and would need local access to the Android device. Local access can come in the form of an application maliciously requesting odd permissions – all the more reason to not eagerly grant permissions for just any app.

The vulnerability was found within the Video for Linux 2 (v4l2) driver. This is a device driver API that supports real-time video capturing. How the vulnerability is exploited is by not validating an input objects existence prior to operating on it. Failure to do so allows attackers to escalate privileges using the kernel’s context. Let’s put it this way: obtaining the ability to do anything as the kernel basically allows unrestricted access to a device. I previously wrote about the different layers of a computer system that expands on this subject.

 

Per the disclosure, the mitigation technique is, “…to restrict interaction with the service. Only the clients and servers that have a legitimate procedural relationship with the service should be permitted to communicate with it.” On that same note, ensure you only install apps from the Google Play Store and that you’re on the lookout for odd permission requests.

Share This:

Related

Filed Under: Editorial Articles Tagged With: 0day, mobile hack, mobile security, mobile threats

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • Cybersecurity’s Toll on Mental Health

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use