The Alcatel A30 device with a build fingerprint of TCL/5046G/MICKEY6US:7.0/NRD90M/J63:user/release-keys contains a hidden privilege escalation capability to achieve command execution as the root user. They have made modifications that allow a user with physical access to the device to obtain a root shell via ADB. Modifying the read-only properties by an app as the system user creates a UNIX domain socket named factory_test that will execute commands as the root user by processes that have privilege to access it (as per the SELinux rules that the vendor controls).
References
Link | Resource |
---|---|
https://www.kryptowire.com/portal/android-firmware-defcon-2018/ | Third Party Advisory |
https://www.kryptowire.com/portal/android-firmware-defcon-2018/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 04:10
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.kryptowire.com/portal/android-firmware-defcon-2018/ - Third Party Advisory |
Information
Published : 2018-08-29 19:29
Updated : 2024-11-21 04:10
NVD link : CVE-2018-6597
Mitre link : CVE-2018-6597
CVE.ORG link : CVE-2018-6597
JSON object : View
Products Affected
alcatel
- a30_firmware
- a30
CWE