CVE-2018-14995

Name of the Vulnerable Software and Affected Versions ZTE Blade Vantage Android device with a build fingerprint of ZTE/Z839/sweet:7.1.1/NMF26V/20180120.095344:user/release-keys ZTE Blade Spark Android device with a build fingerprint of ZTE/Z971/peony:7.1.1/NMF26V/20171129.143111:user/release-keys ZTE ZMAX Pro Android device with a build fingerprint of ZTE/P895T20/urd:6.0.1/MMB29M/20170418.114928:user/release-keys ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917VL/fortune:6.0.1/MMB29M/20170327.120922:user/release-keys com.android.modem.service app version 7.1.1 (versionCode=25) and version 6.0.1 (versionCode=23)

Description The pre-installed com.android.modem.service app exports an interface that allows any app to enable and obtain certain log files, including modem and logcat logs, without the necessary access permissions. These logs contain sensitive user data, such as phone numbers and text message content. The logs are written to external storage and can be accessed by an app with the READ EXTERNAL STORAGE permission. A third-party app can activate the logs, parse them for relevant data, and exfiltrate them from the device.

Recommendations For ZTE Blade Vantage Android device with a build fingerprint of ZTE/Z839/sweet:7.1.1/NMF26V/20180120.095344:user/release-keys, consider disabling the com.android.modem.service app until a patch is available. For ZTE Blade Spark Android device with a build fingerprint of ZTE/Z971/peony:7.1.1/NMF26V/20171129.143111:user/release-keys, consider disabling the com.android.modem.service app until a patch is available. For ZTE ZMAX Pro Android device with a build fingerprint of ZTE/P895T20/urd:6.0.1/MMB29M/20170418.114928:user/release-keys, consider disabling the com.android.modem.service app until a patch is available. For ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917VL/fortune:6.0.1/MMB29M/20170327.120922:user/release-keys, consider disabling the com.android.modem.service app until a patch is available. As a temporary workaround, consider restricting access to the external storage to minimize the risk of log file exfiltration. At the moment, there is no information about a newer version that contains a fix for this vulnerability.