CVE-2018-6597

Name of the Vulnerable Software and Affected Versions Alcatel A30 device with a build fingerprint of TCL/5046G/MICKEY6US:7.0/NRD90M/J63:user/release-keys

Description The issue concerns a hidden privilege escalation capability that allows command execution as the root user. This can be achieved by a user with physical access to the device via ADB. An app running as the system user can modify read-only properties, creating a UNIX domain socket named factory test. This socket executes commands as the root user, accessible by processes with the required privilege, as defined by the vendor-controlled SELinux rules.

Recommendations For the Alcatel A30 device with the specified build fingerprint, consider restricting access to the factory test UNIX domain socket to minimize the risk of exploitation. As a temporary workaround, disabling the capability to modify read-only properties by apps running as the system user may help mitigate the issue until a more permanent solution is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.