Latest Android security vulnerability exposes system data to rogue apps

Good smartphone security is all about vigilance; no matter what you do to make sure you've got the latest system updates installed, or keep all your apps up to date, it seems like there's always another threat right around the corner – and the first step towards protecting yourself from its fallout is knowing that threat exists. Today we learn about the latest vulnerability to impact Android devices, as a long-standing bug is finally uncovered.

The vulnerability in question appears to have been introduced sometime around 2011, and is known to affect devices running releases as recent as Lollipop. The exploit is of the privilege escalation variety, letting malicious apps achieve greater access to system resources than the user may be aware of.

Basically, a flaw in a Qualcomm-designed Android API related to tethering and network management allows apps to overstep their own permissions and execute tasks as the system's “radio” user – one with plenty of access to network and call data.

Potential risks include an app getting unauthorized access to call history, SMS logs, or being able to communicate over the internet without express permission to do so. We realize that none of these sound so severe as the consequences we saw with last year's Stagefright attacks, but with users for whom privacy is an especially salient concern, this vulnerability still has the potential to reveal sensitive personal data.

The good news is that while this issue is still present in modern devices, it tends to be less useful to malicious apps in more recent Android versions. That said, the researchers who discovered the bug suggest that OEM changes to system code could cause the full impact of the flaw to vary between devices otherwise on the same Android version, so it's difficult to make blanket statements about possible risk.

Our good news continues with word that Qualcomm's already developed a patch for the bug, and alerted its manufacturing partners back in March. But even that good news comes with an asterisk after it, as due to this bug being around for as long as it has, and migrating to Android forks like CyanogenMod, it's unlikely that many older devices will ever be patched, and even modern hardware running custom code may continue to be vulnerable.

source: FireEye via SlashGear



2. tokuzumi

Posts: 1961; Member since: Aug 27, 2009

Must not be too big of an issue, since this has been around since 2011...

8. xondk

Posts: 1904; Member since: Mar 25, 2014

Still requires user to install malicious app, so yeah once that is in, it uses something to get access to more then it should, describes a lot of security holes now a days, on most anywhere. So yeah, will get fixed I am sure.

10. StephenS

Posts: 18; Member since: May 02, 2016

The problem here is that no existing malicious-app detection systems will flag this attack, as it uses common Android APIs.

16. marorun

Posts: 5029; Member since: Mar 30, 2015

StephenS in fact existing malicious-app detection systems can also run all the time on your device ( i remember my moto x play asked me if i wanted thats and i said yes ) So if an app use access thats are not in the list of official access its will be detected.

12. elitewolverine

Posts: 5192; Member since: Oct 28, 2013

it is not that hard for most people to accidently do so. Everyday I deal did that get there...

17. marorun

Posts: 5029; Member since: Mar 30, 2015

Also deal with this every day but when i dig a bit i find out the following : Client clicked a link in a text or email. installed an apk files from outside of the market. So basically the user acted like a moron. 6 year or more i use android and never had a single malware on my devices ( i must admit i am a long time PC user so i know what to do and what not to do. ) worst user are the one thats beleive they are in security with the current phone they have and then say its impossible for them to be hacked. Example of this i had a iphone user thats was having issue of is phone sending link by text to all is contact but then found out he installed a malicious app from apple app store ( the app was probably removed very fast but the app was already installed on is device... bad timing for him i guess ) The client was like its impossible thats i got infected its must be a bug blablabla.

18. james2841

Posts: 167; Member since: Dec 10, 2014

it only affects android JB at or below 4.3

* Some comments have been hidden, because they don't meet the discussions rules.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit for samples and additional information.