240 matches found
CVE-2019-16273
DTEN D5 and D7 before 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge adb, leading to arbitrary code execution and system administration. Also, this provides a covert ability to capture screen data from the Zoom Client on Windows by executing commands on the...
CVE-2019-5308
Mate 20 RS smartphones with versions earlier than 9.1.0.135C786E133R3P1 have an improper authorization vulnerability. The software does not properly restrict certain operation in ADB mode, successful exploit could allow the attacker to switch to third desktop after a series of operation...
PT-2019-17571 · Huawei · Huawei Mate 20
Name of the Vulnerable Software and Affected Versions: Huawei Mate 20 RS versions prior to 9.1.0.135C786E133R3P1 Description: The issue is related to improper authorization in ADB mode, where the software does not properly restrict certain operations. A successful exploit could allow an attacker ...
CVE-2019-16241
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. The System application that implements the lock screen checks for the existence of a specific file and disables PIN authentication if it exists. Thi...
Authentication flaw
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. The System application that implements the lock screen checks for the existence of a specific file and disables PIN authentication if it exists. Thi...
CVE-2019-16241
CVE-2019-16241 affects TCL Alcatel Cingular Flip 2 B9HUAH1: PIN authentication can be bypassed by placing a specially crafted file in /data/local/tmp/. The System lock-screen app checks for this file’s existence and disables PIN if found, typically via ADB over USB. This is the explicit, device-s...
CVE-2019-16241
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. The System application that implements the lock screen checks for the existence of a specific file and disables PIN authentication if it exists. Thi...
The vulnerability of the Android operating system’s adb module allows a hacker to increase their privileges.
The vulnerability of the Android operating system’s adb module is related to incorrect handling of the socket shutdown operation. Exploiting this vulnerability allows a remote attacker to enhance their privileges through a specially created application...
CVE-2019-6005
Smart TV Box firmware version prior to 1300 allows remote attackers to bypass access restriction to conduct arbitrary operations on the device without user's intent, such as installing arbitrary software or changing the device settings via Android Debug Bridge port 5555/TCP...
CVE-2019-6005
Smart TV Box firmware version prior to 1300 allows remote attackers to bypass access restriction to conduct arbitrary operations on the device without user's intent, such as installing arbitrary software or changing the device settings via Android Debug Bridge port 5555/TCP...
Authentication flaw
Smart TV Box firmware version prior to 1300 allows remote attackers to bypass access restriction to conduct arbitrary operations on the device without user's intent, such as installing arbitrary software or changing the device settings via Android Debug Bridge port 5555/TCP...
CVE-2019-6005
CVE-2019-6005 affects Smart TV Box firmware versions prior to 1300 (KDDI) where enabling LAN access after changing initial network settings allows remote attackers to access Android Debug Bridge on port 5555/TCP. The underlying issue is an access control error (CWE-284) that bypasses restrictions...
CVE-2019-6005
Smart TV Box firmware version prior to 1300 allows remote attackers to bypass access restriction to conduct arbitrary operations on the device without user's intent, such as installing arbitrary software or changing the device settings via Android Debug Bridge port 5555/TCP...
CVE-2019-13405 Advan VD-1 allows a remote user to enable Android Debug Bridge without any authentication
A broken access control vulnerability found in Advan VD-1 firmware version 230 leads to insecure ADB service. An attacker can send a POST request to cgibin/AdbSetting.cgi to enable ADB without any authentication then take the compromised device as a relay or to install mining software...
Smart TV Box fails to restrict access permissions
Overview Smart TV Box provided by KDDI CORPORATION enables access to Android Debug Bridge via port 5555/TCP of LAN side interface. When a cable television provider sets up Smart TV Box at an individual residence, direct access from outside to the LAN side interface of Smart TV Box is disabled...
JVN#17127920: Smart TV Box fails to restrict access permissions
Smart TV Box provided by KDDI CORPORATION enables access to Android Debug Bridge via port 5555/TCP of LAN side interface. When a cable television provider sets up Smart TV Box at an individual residence, direct access from outside to the LAN side interface of Smart TV Box is disabled. However if...
New cryptomining botnet malware hits Android devices
By Uzair Amir The new malware exploits Android Debug Bridge ADB ports. In a research conducted by the Tokyo-based cybersecurity and threat defense firm Trend Micro, it was revealed that there is a new cryptomining malware bot that’s particularly targeting Android devices. The miner exploits the...
Android Debug Bridge (ADB) Accessible Without Authentication
The script checks if the target host is running a service supporting the Android Debug Bridge ADB protocol without an enabled authentication. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
Android Debug Bridge (ADB) Protocol Detection
The script tries to identify services supporting the Android Debug Bridge ADB Protocol. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Thousands of Android Devices Running Insecure Remote ADB Service
Despite warnings about the threat of leaving insecure remote services enabled on Android devices, manufacturers continue to ship devices with open ADB debug port setups that leave Android-based devices exposed to hackers. Android Debug Bridge ADB is a command-line feature that generally uses for...