PT-2018-4294 · Google · Android Debug Bridge+1

Imre Rad

Published

2018-01-12

Updated

2018-10-09

CVE-2014-7952

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Android (affected versions not specified)

Description The issue concerns the backup mechanism in the Android Debug Bridge (adb) tool, which may allow attackers to inject and execute arbitrary code by exploiting a failure to filter application data streams. This could potentially enable the injection of additional applications (APKs).

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74

Related Identifiers

CVE-2014-7952

Affected Products

Android

Android Debug Bridge

PT-2018-4294 · Google · Android Debug Bridge+1

CVE-2014-7952

Weakness Enumeration

Related Identifiers

Affected Products

References · 7