漏洞标题
N/A
漏洞描述信息
在 Shanghai Adups 软件的LUR R1 HD设备上发现了一个问题。 involved in the exfiltration的两个包名是 com.adups.fota 和 com.adups.fota.sysoper。在 com.adups.fota.sysoper app 的AndroidManifest.xml文件中,它设置了 android:sharedUserId 属性为 android.uid.system,使其成为系统用户执行,这是设备中非常特权的用户。因此,作为系统用户的应用程序已经获得了许多强大的权限,尽管这些权限不在 com.adups.fota.sysoper app 的 AndroidManifest.xml 文件中列出。这个应用程序通过 com.adups.fota.sysoper.provider.InfoProvider 组件向 com.adups.fota 应用程序提供用户通话记录、短信和各种设备标识符的访问。在运行过程中,com.adups.fota 应用程序使用日期时间,每72小时可以提取用户 PII。如果日期时间值自那时以来已过去了72小时,那么用户将可以通过将设备充电或离开或进入无线网络触发此提取。提取将在后台进行, without any user interaction。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The two package names involved in the exfiltration are com.adups.fota and com.adups.fota.sysoper. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute to a value of android.uid.system which makes it execute as the system user, which is a very privileged user on the device. Therefore, the app executing as the system user has been granted a number of powerful permissions even though they are not present in the com.adups.fota.sysoper app's AndroidManifest.xml file. This app provides the com.adups.fota app access to the user's call log, text messages, and various device identifiers through the com.adups.fota.sysoper.provider.InfoProvider component. The com.adups.fota app uses timestamps when it runs and is eligible to exfiltrate the user's PII every 72 hours. If 72 hours have passed since the value of the timestamp, then the exfiltration will be triggered by the user plugging in the device to charge or when they leave or enter a wireless network. The exfiltration occurs in the background without any user interaction.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
BLU R1 HD Adups Fota 加密问题漏洞
漏洞描述信息
BLU R1 HD是美国BLU公司的一款智能手机。Adups Fota是其中的一款中国广升(Adups)公司的用于移动设备的基于云的系统升级推送软件。 BLU R1 HD中的Adups Fota存在加密问题漏洞。本地攻击者可利用该漏洞获取提升的权限。
CVSS信息
N/A
漏洞类别
加密问题