Android Security & Malware
14.4K members
57 photos
6 files
1.08K links
Mobile infosec news about - security, privacy, malware, bugs, vulnerabilities, data leaks, bug bounty hunting, security tips & tutorials, tools, hacks, ethical hacking, penetration testing, forensic...
Contact: @androidMalware_bot
Download Telegram
to view and join the conversation
Couple of bugs disclosed for Huawei, Motorola, OPPO, Mediatek, Vivo, Meizu, ZTE, K-Touch, Transsion, Digitime devices
Issues: ADB private key leak, a cloud services key leak, and permissions bypass for system APIs
Activation of arbitrary intent due to unsafe deserialization - CVE-2020-0082

This leads to EoP in Android 10.
It could start any privileged intent without permission.
With this vulnerability it would be possible to silently install and uninstall any app.