tag: Android

Leveraging Android Permissions: A Solver Approach

20 Jun, 2023 by Jérémy Breton
#Android
#Permissions
#CVE
#Vulnerability Research

The Android permission management system has already suffered from several vulnerabilities in the past. Such weaknesses can grant dangerous permissions to a malevolent application, an example being CALL_LOG, which gives access to all incoming and outgoing calls.

This post dives into the Android permission system and how a solver was leveraged to find new vulnerabilities. With this approach, a privilege escalation was identified, which was fixed and assigned CVE-2023-20947 by Google.

Read more

The Fuzzing Guide to the Galaxy: An Attempt with Android System Services

20 Apr, 2023 by Anthony REMY
#Android
#CVE
#Fuzzing
#Vulnerability Research
Although the Android base is open source, many different constructors customize it with their own UIs and APIs. All these additions represent an extra attack surface that can change from one phone model to another. We tried to automatically fuzz the closed-source system services powering these modifications, discovering CVE-2022-39907 and CVE-2022-39908 along the way.
Read more

ARM TrustZone: pivoting to the secure world

24 Mar, 2023 by Anonymous
#Android
#Exploit
#Vulnerability Research
  1. Discovery of two vulnerabilities in secure world components
  2. Exploitation to get code execution in a trusted driver, while not having a debugger for this obscure environment
  3. Leverage of aarch32 T32 instruction set to find nice stack pivots
  4. Turning an arbitrary write into an arbitrary code execution
Read more