SMS vulnerability in all Nexus
Last Friday, at the DefCamp Security Conference, researcher Bogdan Alecu demonstrated a serious vulnerability, which he found in all Nexus smartphones. With its help, the attacker can force the smartphone to reboot or cause problems in the work of some services.
The attack consists of sending several so-called Class 0 “Flash” messages to the target phone. Such “Quick” messages are usually used by emergency services and they immediately appear on the phone screen, bypassing the standard SMS processing application. When you receive such a message, the sound does not play, but one window of this message remains on the screen. The problem is that receiving 20-30 such messages causes system overload. Most often this results in the fact that the smartphone stops responding or reboots, in some cases, the Messages application itself drops or the service responsible for cellular communication fails.
')
Interestingly, Aleku notified the Android Security Team of the vulnerability a year ago, but initially received only an automatic response. Further attempts to contact the responsible specialists were unsuccessful, and he decided to publish the information. He has now, in conjunction with Michael Müller, developed the Class0Firewall to combat this threat.
He also notes that his attack so far only leads to failures, but in theory it can also be used for remote code execution.
Vulnerability works on all Nexus with default Android, up to version KitKat.
The attack consists of sending several so-called Class 0 “Flash” messages to the target phone. Such “Quick” messages are usually used by emergency services and they immediately appear on the phone screen, bypassing the standard SMS processing application. When you receive such a message, the sound does not play, but one window of this message remains on the screen. The problem is that receiving 20-30 such messages causes system overload. Most often this results in the fact that the smartphone stops responding or reboots, in some cases, the Messages application itself drops or the service responsible for cellular communication fails.
')
Interestingly, Aleku notified the Android Security Team of the vulnerability a year ago, but initially received only an automatic response. Further attempts to contact the responsible specialists were unsuccessful, and he decided to publish the information. He has now, in conjunction with Michael Müller, developed the Class0Firewall to combat this threat.
He also notes that his attack so far only leads to failures, but in theory it can also be used for remote code execution.
Vulnerability works on all Nexus with default Android, up to version KitKat.
Source: https://habr.com/ru/post/204428/
All Articles