Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistGoogle_androidCVELIST:CVE-2017-13209
HistoryJan 12, 2018 - 11:00 p.m.

CVE-2017-13209

2018-01-1223:00:00
google_android
www.cve.org
2

EPSS

0.003

Percentile

69.9%

JSON

In the ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller which could allow an application or service to replace a HAL service with its own service. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-68217907.

CNA Affected

[
  {
    "product": "Android",
    "vendor": "Google Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "8.0"
      },
      {
        "status": "affected",
        "version": "8.1"
      }
    ]
  }
]

Related

zdt 1
exploitdb 1
prion 1
nvd 1
cve 1
zdt
zdt
Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon Exploit
2018-01-11 00:00:00
exploitdb
exploitdb
Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon
2018-01-11 00:00:00
prion
prion
Privilege escalation
2018-01-12 23:29:00
nvd
nvd
CVE-2017-13209
2018-01-12 23:29:01
cve
cve
CVE-2017-13209
2018-01-12 23:29:01

EPSS

0.003

Percentile

69.9%

JSON
Related for CVELIST:CVE-2017-13209
zdt1exploitdb1prion1nvd1cve1