Vulnerability Note: VU#787952: Several Android mobile devices contain multiple vulnerabilities within OEM-pre-installed apps
Published: 2018-08-14 19:59:13-04:00
Description: Many Android mobile devices come with OEM-pre-installed apps. Some apps have been identified as having incorrect access control settings,allowing in some circumstances malicious third-party apps to exploit and bypass system permissions and settings. Additionally,some Android and iOS apps embed a hard-coded cryptographic key and/or use a weak cryptographic algorithm allows for an attacker to obtain elevated access to vulnerable mobile apps.