Security News > 2015 > July > Flawed Android backup mechanism can lead to injected malicious apps (Help Net Security)

Flawed Android backup mechanism can lead to injected malicious apps (Help Net Security)
2015-07-13 12:26

A flaw (CVE-2014-7952) in Android's backup/restore mechanism can be exploited by knowledgeable developers to "respawn" malicious apps on phones, and make them gain top-level access and potentially dan...


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/FDmK8mLkIjI/secworld.php

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2018-01-12 CVE-2014-7952 Injection vulnerability in Google Android
The backup mechanism in the adb tool in Android might allow attackers to inject additional applications (APKs) and execute arbitrary code by leveraging failure to filter application data streams.
local
low complexity
google CWE-74
4.6

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Android 4 0 17 2 0 19