As technology has improved, so have the abilities of those with nefarious intentions. This means that hackers and bad actors are actively seeking flaws within the technology we use on a daily basis. A new zero-day vulnerability on Android phones is just more proof that this is the case.
To be clear, Android phones aren’t the only mobile devices open to flaws in their code. Earlier this week Apple’s operating systems were also targeted by malicious hackers. It is a constant battle between the black hat hackers seeking to harvest valuable user data and the white hat hackers trying to close the holes to protect user data.
This particular zero-day vulnerability was exploited by the Israeli surveillance vendor NSO Group, which has been accused of selling exploits to governments that then gain control of targeted Android phones.
Discovered by Project Zero researcher Maddie Stone, the details and a proof-of-concept exploit for the high-severity security vulnerability, tracked as CVE-2019-2215, have been made public today—just seven days after reporting it to the Android security team.
The zero-day is a use-after-free vulnerability in the Android kernel’s binder driver that can allow a local privileged attacker or an app to escalate their privileges to gain root access to a vulnerable device and potentially take full remote control of the device.
The vulnerability resides in versions of the Android kernel released before April last year, a patch for which was included in the 4.14 LTS Linux kernel released in December 2017 but was only incorporated in AOSP Android kernel versions 3.18, 4.4 and 4.9.
Therefore, most Android devices manufactured and sold by a majority of vendors with the unpatched kernel are still vulnerable to this vulnerability even after having the latest Android updates.
Source: The Hacker News
Some of the Android phones that are affected by this vulnerability include:
- The Original Google Pixel and Pixel XL
- Google Pixel 2 and Pixel 2 XL
- Huawei P20
- Xiaomi Redmi 5A
- Xiaomi Redmi Note 5
- Xiaomi A1
- Oppo A3
- Moto Z3
- Oreo LG phones
- Samsung Galaxy S7, S8, and S9
This zero-day vulnerability can be exploited on an Android phone remotely, but Google is working on a patch for this and it should be available soon. Be sure to read The Hacker News for more on this.
Last Updated on February 3, 2021.