MOXA Service 安全漏洞

MOXA Service is a hardware equipment base service of China MOXA Company. MOXA Service suffers from an operating system command injection vulnerability that can be exploited by an attacker to execute arbitrary code...

Google Android Information Disclosure Vulnerability (CNVD-2020-53766)

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. Android version 11 SoundTriggerHwService has a security vulnerability that can be exploited by attackers to obtain sensitive information...

CVE-2019-2023

In ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller. This could allow an app to add or replace a HAL service with its own service, gaining code execution in a privileged process.Product: AndroidVersions: Android-8....

CVE-2019-2023

In ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller. This could allow an app to add or replace a HAL service with its own service, gaining code execution in a privileged process.Product: AndroidVersions: Android-8....

CVE-2019-2023

In ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller. This could allow an app to add or replace a HAL service with its own service, gaining code execution in a privileged process.Product: AndroidVersions: Android-8....

CVE-2019-2023

CVE-2019-2023 affects Android's hardware ServiceManager::add, where an insecure PID-based permissions check can let an app add or replace a HAL service, enabling code execution in a privileged process. Supported in multiple feeds (NVD, Red Hat, PRION, CIRCL) with exploited/attack data referenced ...

Privilege escalation

In the ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller which could allow an application or service to replace a HAL service with its own service. This could lead to a local elevation of privilege enabling code...

CVE-2017-13209

This CVE (CVE-2017-13209) affects Android 8.0–8.1 and is due to an insecure permissions check in ServiceManager::add of the hardware service manager. The check based on the caller’s PID could allow an application or service to replace a HAL service with its own, enabling local elevation of privil...

CVE-2017-13209

In the ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller which could allow an application or service to replace a HAL service with its own service. This could lead to a local elevation of privilege enabling code...

Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon

Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon This bug is similar to Jann Horn's issue https://bugs.chromium.org/p/project-zero/issues/detail?id=851 -- credit should go to him. The hardware service manager allows the registration of HAL services. These services...

Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon Exploit

Exploit for Android platform in category dos / poc This bug is similar to Jann Horn's issue https://bugs.chromium.org/p/project-zero/issues/detail?id=851 -- credit should go to him. The hardware service manager allows the registration of HAL services. These services are used by the vendor domain...

Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon

This bug is similar to Jann Horn's issue https://bugs.chromium.org/p/project-zero/issues/detail?id=851 -- credit should go to him. The hardware service manager allows the registration of HAL services. These services are used by the vendor domain and other core processes, including systemserver,...

Android Mediaserver SoundTriggerHwService.cpp Elevation of Privilege Vulnerability

Android is an open source operating system based on Linux. A security vulnerability in the services/soundtrigger/SoundTriggerHwService.cpp file in Android's Mediaserver allows remote attackers to exploit the vulnerability to build malicious applications with elevated privileges...