NoGoolag

Forwarded from Pegasus NSO & other spyware

Becoming any Android app via Zygote command injection | Meta Red Team X

We have discovered a vulnerability in Android that allows an attacker with the WRITE_SECURE_SETTINGS permission, which is held by the ADB shell and certain privileged apps, to execute arbitrary code as any app on a device. By doing so, they can read and write any app’s data, make use of per-app secrets and login tokens, change most system configuration, unenroll or bypass Mobile Device Management, and more. Our exploit involves no memory corruption, meaning it works unmodified on virtually any device running Android 9 or later, and persists across reboots.

#Zygote #Android #Vulnerability

243 views21:25

About

Blog

Apps

Platform