Privacy and security are at the core of everything we do today. We have become more mobile than ever before, and mobile devices are becoming the cornerstone of modern living, converging end users’ business and personal lives. However, these mobile devices come with several vulnerabilities and security risks. Nearly all Android devices have useless applications pre-installed by manufacturers, generally called bloatware. The Microsoft research team discovered various critical vulnerabilities in a mobile framework by MCE Systems, which various mobile manufacturers use in pre-installed Android system applications. Malicious actors could have abused these applications to access sensitive information and system configuration. Therefore, it’s essential to protect your mobile devices against critical bugs in pre-installed apps. This article highlights tips to secure your Android devices from these critical flaws in pre-installed apps.
List Of Critical Flaws In Pre-Installed Apps On Android Devices
The critical flaws in pre-installed apps range from local privilege escalation to command injection. They have been assigned the identifiers CVE-2021-42598, CVE-2021-42599, CVE-2021-42600, and CVE-2021-42601, with CVSS scores between 7.0 and 8.9.
Outdated Command Injection Vulnerability
Microsoft detected a command injection vulnerability, CVE-2021-42599, in the Device service. This service provides rich functionality that includes the ability to stop the activities of a given package. The client controls the argument ‘value’, and the following command is then executed.
am force-stop "value"
The attacker could add quotation marks or backticks to execute arbitrary code.
am force-stop "a"; command-to-run; echo "a"
However, according to MCE Systems, the functionality behind this vulnerability has been removed, and it no longer exists in advanced framework versions.
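The pattern described above, as an added example that is not code from Microsoft or MCE Systems: a client-controlled value pasted into a command string that a shell parses, next to a form that validates the package name and passes it as a single argument. The `am` stub, the function names and the sample values are assumptions constructed for the demonstration so that it runs offline.

```shell
#!/bin/sh
# Stand-in for Android's `am` tool (assumption, so the example runs anywhere).
am() { printf 'am:%s\n' "$*"; }

# Vulnerable pattern: the value is pasted into a command string that a shell
# then parses. eval stands in for the service handing the string to a shell.
stop_package_vulnerable() {
    eval "am force-stop \"$1\""
}

# Allow-list check: dot-separated segments, each starting with a letter and
# made only of letters, digits and underscores; at least two segments.
is_valid_package() {
    case $1 in
        ''|*[!A-Za-z0-9_.]*) return 1 ;;      # empty, or a character off the allow-list
        .*|*.|*..*) return 1 ;;               # empty segment
        [!A-Za-z]*|*.[!A-Za-z]*) return 1 ;;  # segment not starting with a letter
        *.*) return 0 ;;                      # two or more well-formed segments
    esac
    return 1
}

# Hardened pattern: validate first, then pass the value as one argument.
# No string is rebuilt and re-parsed, so quotes and backticks stay inert.
stop_package_hardened() {
    if ! is_valid_package "$1"; then
        echo "rejected: not a package name" >&2
        return 1
    fi
    am force-stop "$1"
}

# Constructed sample input in the shape the article shows, with a harmless
# echo in place of command-to-run.
SAMPLE='a"; echo INJECTED; echo "a'

echo "--- vulnerable: one request becomes three commands"
stop_package_vulnerable "$SAMPLE"
echo "--- hardened: same input"
stop_package_hardened "$SAMPLE" || echo "request refused"
echo "--- hardened: legitimate package name"
stop_package_hardened "com.example.app"
```

The allow-list is what stops the input; passing the value as a single argument is what keeps a missed character from being interpreted if the check is ever loosened.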
Microsoft formulated two injection techniques leveraged by attackers.
Microsoft’s proof-of-concept exploit code can:
- Perform a PiTM on the target device and entice users into clicking a link with the “mcesystems://” scheme.
- Send data to the server for information gathering via XMLHttpRequest.
Local Privilege Escalation Vulnerability
Some applications analyzed by Microsoft didn’t pull plaintext pages. Therefore, they looked for a local privilege escalation vulnerability that allows a malicious application to gain the system app’s privileges. This vulnerability was tracked as CVE-2021-42601.
- The server then performs the request and stores the result in the cache, mapping request IDs to results.
The client does not need to ask for asynchronous results as data is transferred safely between the client and the server.
List Of Apps Affected With The Flaws
Some of the apps affected by the critical vulnerabilities are as follows.
The affected apps, pre-installed by phone manufacturers, are also available on the Play Store. These are said to have passed the application storefront’s automatic safety checks without raising any red flags.
Tips To Secure Your Android Devices Against Critical Vulnerabilities In Pre-Installed Apps
It’s no secret that Android suffers from several security issues. There’s always something new to worry about, from the long-running problem of pre-installed apps with vulnerabilities to the recent discovery that some apps were sharing your location data with Google.
The good news is that you can take action to protect yourself. Here are some tips for securing your devices against these vulnerabilities in pre-installed apps:
- Keep Your Device Up to Date with the Latest Security Patches: If you have an older version of Android on your phone, there are likely security vulnerabilities in the operating system itself.
- Only Install Apps from Trusted Sources: It’s always a good idea to download apps only from trusted sources. These include Google Play Store, Amazon Appstore, and Samsung Galaxy Apps.
- Appraise Your App-Downloading IQ: It’s important to know which apps are safe and which are not. Be careful when downloading apps from third-party stores or websites because they could contain malware and viruses.
- Check for Updates: Updates fix bugs, but they also often contain patches for newly discovered vulnerabilities in software.
- Enable Two-Factor Authentication for Your Google Account: This makes it more difficult for an attacker to access your account even if they have stolen your password.
- Clean Up Your List of Connected Devices: It’s important because this list is displayed as part of the Android operating system (OS), so anyone who sees it can see what other people have been connected with before you.
- Think Carefully About Third-Party Security Suites: While you may want the convenience of one app to protect all your devices, you should be aware that this can lead to problems.
We hope this post helps you understand how to secure your Android devices from these critical flaws in pre-installed apps.