CVE-2013-6769

Name of the Vulnerable Software and Affected Versions CyanogenMod/ClockWorkMod/Koush Superuser package version 1.0.2.1

Description The issue allows attackers to gain privileges via shell metacharacters in the -c option to /system/xbin/su. This could potentially lead to unauthorized access and control of the system.

Recommendations For version 1.0.2.1, consider restricting access to the /system/xbin/su executable until a patch is available. As a temporary workaround, avoid using the -c option with potentially malicious input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.