Palo Alto Networks

CVE-2014-7911

CVE-2014-7911 – A Deep Dive Analysis of Android System Service Vulnerability and Exploitation

In this post we discuss CVE-2014-7911 and the various techniques that can be used to achieve privilege escalation. We also examine how some of these techniques can be blocked using several security mechanisms.

CVE-2014-7911 was presented here along with a very descriptive POC that was written by Jann Horn. Described briefly, the ObjectInputStream doesn't val...

Jan 06, 2015

Subscribe to Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.