PT-2018-12873 · Google+2 · Android+2

Published 2018-12-28 · Updated 2019-02-14 · CVE-2018-15007

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

The Sky Elite 6.0L+ Android device with a build fingerprint of SKY/x6069_trx_l601_sky/x6069_trx_l601_sky:6.0/MRA58K/1482897127:user/release-keys
com.fw.upgrade.sysoper version 2.3.8

Description

The pre-installed platform app contains an exported broadcast receiver app component named com.adups.fota.sysoper.WriteCommandReceiver that allows any app co-located on the device to supply arbitrary commands to be executed as the system user. This can allow a third-party app to perform various malicious actions, such as video recording the user's screen, factory resetting the device, obtaining the user's notifications, reading the logcat logs, injecting events in the Graphical User Interface (GUI), changing the default Input Method Editor (IME) with one contained within the attacking app that contains keylogging functionality, and obtaining the user's text messages.

Recommendations

For The Sky Elite 6.0L+ Android device, consider disabling the com.adups.fota.sysoper.WriteCommandReceiver component until a patch is available. For com.fw.upgrade.sysoper version 2.3.8, restrict access to the app to minimize the risk of exploitation. Avoid using the com.fw.upgrade.sysoper app until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
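
To check a firmware image for the condition described above, the following added example (not code from the vendor or from this advisory) audits a decoded AndroidManifest.xml for broadcast receivers that are exported without a guarding permission. The sample manifest is constructed: the Hypothetical* receivers, the com.example names and the sharedUserId attribute are assumptions for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Constructed sample manifest, not extracted from the affected firmware.
# Only the package and WriteCommandReceiver names come from the advisory.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.fw.upgrade.sysoper"
    android:sharedUserId="android.uid.system">
  <application>
    <receiver android:name="com.adups.fota.sysoper.WriteCommandReceiver"
              android:exported="true"/>
    <receiver android:name=".HypotheticalImplicitReceiver">
      <intent-filter><action android:name="com.example.CONSTRUCTED_ACTION"/></intent-filter>
    </receiver>
    <receiver android:name=".HypotheticalGuardedReceiver" android:exported="true"
              android:permission="com.example.permission.CONSTRUCTED"/>
    <receiver android:name=".HypotheticalInternalReceiver"/>
  </application>
</manifest>"""

def unprotected_receivers(manifest_xml):
    """Return names of receivers that any installed app can send broadcasts to."""
    root = ET.fromstring(manifest_xml)
    package = root.get("package", "")
    findings = []
    for app in root.iter("application"):
        app_permission = app.get(ANDROID + "permission")
        for receiver in app.iter("receiver"):
            exported = receiver.get(ANDROID + "exported")
            if exported is None:
                # Before Android 12, an intent-filter makes a component exported by default.
                is_exported = receiver.find("intent-filter") is not None
            else:
                is_exported = exported.lower() == "true"
            # A receiver without its own permission inherits the application's.
            permission = receiver.get(ANDROID + "permission") or app_permission
            if is_exported and not permission:
                name = receiver.get(ANDROID + "name", "")
                findings.append(package + name if name.startswith(".") else name)
    return findings

def runs_as_system(manifest_xml):
    """True when the package declares the shared system UID."""
    return ET.fromstring(manifest_xml).get(ANDROID + "sharedUserId") == "android.uid.system"

if __name__ == "__main__":
    print(unprotected_receivers(SAMPLE_MANIFEST), runs_as_system(SAMPLE_MANIFEST))
```

A receiver that passes this check is only as protected as its permission: a permission with a protectionLevel other than signature can still be requested by third-party apps, so review the permission declaration as well.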

Exploit

OS Command Injection

Weakness Enumeration

Related Identifiers

CVE-2018-15007

Affected Products

Android
The Sky Elite 6.0L+
Com.Fw.Upgrade.Sysoper