
Information security researcher publishes PoC exploit for critical vulnerability in Android

Grant Hernandez, a computer science Ph.D. at the University of Florida’s Cybersecurity Institute, has published a PoC exploit for a zero-day vulnerability in Android that allows an attacker to gain superuser rights and take control of the device.

At the beginning of October 2019, experts at the Google Project Zero team reported an unpleasant bug in the Android kernel, due to which attackers could gain root access to the target device. The zero-day vulnerability received the identifier CVE-2019-2215 and poses a threat to the following smartphones running Android 8.x and newer:

  1. Pixel 2 running Android 9 and Android 10 preview;
  2. Huawei P20;
  3. Xiaomi Redmi 5A;
  4. Xiaomi Redmi Note 5;
  5. Xiaomi A1;
  6. Oppo A3;
  7. Moto Z3;
  8. LG smartphones running Oreo;
  9. Samsung S7, S8, S9.

After disclosing the problem, Google specialist Maddie Stone published a PoC exploit in the public domain, but her code was relatively harmless, since it did not exploit the full potential of the vulnerability.

Grant Hernandez has now taken the idea further and introduced his own PoC exploit, called Qu1ckR00t.

“When I heard about the emergency disclosure of CVE-2019-2215 by Project Zero, I decided to replicate the exploit on my local device to see it in action. I so happened to have a vulnerable Pixel 2 with the exact kernel version as my main device (don’t hack me). All I needed to do was compile the exploit and run it over ADB. I downloaded the latest Android NDK and compiled the proof of concept,” writes Grant Hernandez.

His exploit bypasses protective mechanisms such as DAC (Discretionary Access Control) and Linux Capabilities (CAP), and is able to disable SELinux (Security-Enhanced Linux), SECCOMP (Secure Computing Mode) and MAC (Mandatory Access Control). As a result, the tool can be used to gain root access to the device quickly, giving the attacker full control.


The source code for Qu1ckR00t was published on GitHub, but not as a finished, packaged APK file. That is, users will have to compile it themselves, but after that they get an application that can provide root access with just one click.

Hernandez warns that he tested Qu1ckR00t only on a Pixel 2, and that inexperienced users are better off not experimenting with the tool, as they risk breaking the OS and losing all their data.

Recall that Google engineers fixed CVE-2019-2215 as part of the October security update for Android (security patch level 2019-10-06).

In order to protect vulnerable devices from possible exploitation by cybercriminals, users are strongly advised to install the patch released as part of the October security updates.
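The two facts a defender can act on from this article are the fixed security patch level (2019-10-06) and the fact that a root exploit of this kind switches SELinux off. The following Python script is an added example, not code from the article or from Hernandez's project: it takes the output of two standard Android commands (`getprop ro.build.version.security_patch` and `getenforce`, both real, gathered over `adb shell`) and reports whether a device is still exposed to CVE-2019-2215 and whether SELinux is still enforcing. The sample readings at the bottom are constructed for illustration and are not real device output.

```python
import subprocess
from datetime import date
from typing import Dict, Optional

# Security patch level at which Google fixed CVE-2019-2215 (value from the article).
FIXED_PATCH_LEVEL = date(2019, 10, 6)


def parse_patch_level(value: str) -> date:
    """Parse ro.build.version.security_patch (YYYY-MM-DD) into a date.

    Raises ValueError on malformed input so that a bad reading is never
    silently treated as 'patched'.
    """
    year, month, day = (int(part) for part in value.strip().split("-"))
    return date(year, month, day)


def assess_device(props: Dict[str, str]) -> Dict[str, object]:
    """Evaluate a device from its property / command readings.

    props keys (both are real Android commands run via `adb shell`):
      "ro.build.version.security_patch" -> output of `getprop ro.build.version.security_patch`
      "getenforce"                       -> output of `getenforce`
    """
    findings: Dict[str, object] = {}

    # 1. Patch level: anything below 2019-10-06 lacks the CVE-2019-2215 fix.
    try:
        level = parse_patch_level(props["ro.build.version.security_patch"])
        findings["patch_level"] = level.isoformat()
        findings["cve_2019_2215_patched"] = level >= FIXED_PATCH_LEVEL
    except (KeyError, ValueError):
        # Missing or garbled reading: assume the worst rather than the best.
        findings["patch_level"] = None
        findings["cve_2019_2215_patched"] = False

    # 2. SELinux: Qu1ckR00t-style rooting turns SELinux off, so a device that
    #    should be Enforcing but reports Permissive/Disabled deserves a look.
    findings["selinux_enforcing"] = props.get("getenforce", "").strip() == "Enforcing"

    findings["needs_attention"] = (
        not findings["cve_2019_2215_patched"] or not findings["selinux_enforcing"]
    )
    return findings


def collect_via_adb(serial: Optional[str] = None) -> Dict[str, str]:
    """Gather the two readings from a connected device with adb (needs adb on PATH).

    Not exercised offline; shown so the mapping from command to key is explicit.
    """
    base = ["adb"] + (["-s", serial] if serial else []) + ["shell"]
    run = lambda *cmd: subprocess.run(base + list(cmd), capture_output=True, text=True).stdout
    return {
        "ro.build.version.security_patch": run("getprop", "ro.build.version.security_patch"),
        "getenforce": run("getenforce"),
    }


# Constructed sample readings (hypothetical; not captured from real devices).
SAMPLE_UNPATCHED = {"ro.build.version.security_patch": "2019-09-05", "getenforce": "Enforcing"}
SAMPLE_PATCHED = {"ro.build.version.security_patch": "2019-10-06", "getenforce": "Enforcing"}
SAMPLE_SELINUX_OFF = {"ro.build.version.security_patch": "2019-10-06", "getenforce": "Permissive"}

if __name__ == "__main__":
    for name, reading in [("unpatched", SAMPLE_UNPATCHED),
                          ("patched", SAMPLE_PATCHED),
                          ("selinux off", SAMPLE_SELINUX_OFF)]:
        print(name, assess_device(reading))
```

Note that the patch-level check answers only "has the October 2019 fix been applied"; a device that reports Permissive despite being fully patched is not proof of compromise (developers and custom ROMs do this deliberately), but on a stock consumer device it is worth investigating.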

About Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.
