PT-2019-9086 · Leagoo · Leagoo P1

Published 2019-04-25 · Updated 2019-10-03 · CVE-2018-14997

CVSS v2.0: 2.1 (Low)
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Leagoo P1 Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys

Description

The Android framework in the Leagoo P1 Android device has been modified, allowing any app on the device to initiate taking a screenshot and write it to external storage. This can be done without the user's knowledge, although a screen animation and notification will occur. If an app has the EXPAND_STATUS_BAR permission, it can also wake the device and take a screenshot of the user's notifications, potentially accessing sensitive data such as two-factor authentication text messages.

Recommendations

For the Leagoo P1 Android device with the specified build fingerprint, consider disabling the EXPAND_STATUS_BAR permission for all apps to minimize the risk of exploitation. As a temporary workaround, users can manually monitor and manage app permissions to reduce the attack surface. However, the system server process cannot be disabled, and at the moment there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Missing Authorization

Related Identifiers

CVE-2018-14997

Affected Products

Android
Leagoo P1