VU#787952: Several Android mobile devices contain multiple vulnerabilities within OEM-pre-installed apps

0

Vulnerability Note: VU#787952: Several Android mobile devices contain multiple vulnerabilities within OEM-pre-installed apps

Published: 2018-08-14  19:59:13-04:00

Description: Many Android mobile devices come with OEM-pre-installed apps. Some apps have been identified as having incorrect access control settings,allowing in some circumstances malicious third-party apps to exploit and bypass system permissions and settings. Additionally,some Android and iOS apps embed a hard-coded cryptographic key and/or use a weak cryptographic algorithm allows for an attacker to obtain elevated access to vulnerable mobile apps.

Source: CERT.ORG