Vulnerability Name: CVE-2014-7953 (CCN-102440)
Assigned: 2014-10-07
Published: 2015-04-17
Updated: 2018-10-09
Summary: Race condition in the bindBackupAgent method in the ActivityManagerService in Android 4.4.4 allows local users with adb shell access to execute arbitrary code or any valid package as system by running "pm install" with the target apk, and simultaneously running a crafted script to process logcat's output looking for a dexopt line, which once found should execute bindBackupAgent with the uid member of the ApplicationInfo parameter set to 1000.
CVSS v3 Severity: 7.0 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVSS v2 Severity: 6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)
    5.1 Medium (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
    5.1 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Vulnerability Type: CWE-362
Vulnerability Consequences: Gain Access
References:
    Source: MITRE Type: CNA CVE-2014-7953
    Source: CCN Type: BugTraq Mailing List, Fri, 17 Apr 2015 16:31:12 +0200 CVE-2014-7953 Android backup agent code execution
    Source: FULLDISC Type: Mailing List, Third Party Advisory 20150417 CVE-2014-7953 Android backup agent code execution
    Source: CCN Type: Google Web site Android 5.0 (Lollipop)
    Source: BUGTRAQ Type: UNKNOWN 20150417 CVE-2014-7953 Android backup agent code execution
    Source: BID Type: Third Party Advisory, VDB Entry 74213
    Source: CONFIRM Type: UNKNOWN https://android.googlesource.com/platform/frameworks/base/+/a8f6d1b%5E!/
    Source: XF Type: UNKNOWN android-cve20147953-code-exec(102440)
Vulnerable Configuration:
    Configuration 1:
    Configuration CCN 1:
    Denotes that component is vulnerable