Condorlab

ANDROID – Elevation Privilege


Advisory ID
RSN-RA-0002


Vulnerability Information

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-28429685. References: M-ALPS02710006.


CVSS Base Score

7.8 High


Release Date

2017-03-07


Solutions

RedShift Networks UCTM solution provides the industry’s first complete security solution developed for securing VOIP networks, endpoints and applications. Its dedicated CONDOR labs research team constantly scouts for new attack patterns, advanced penetration testing methods, vulnerabilities identification and roll out of new signatures to subscribed customers on a constant basis. For more information, visit www.redshiftnetworks.com


External Resources

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0500

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0500