May 28, 2022

Microsoft finds severe bugs in Android apps from large mobile providers

Posted by in category: security

Microsoft security researchers have found high severity vulnerabilities in a framework used by Android apps from multiple large international mobile service providers.

The researchers found these vulnerabilities (tracked as CVE-2021–42598, CVE-2021–42599, CVE-2021–42600, and CVE-2021–42601) in a mobile framework owned by mce Systems exposing users to command injection and privilege escalation attacks.

The vulnerable apps have millions of downloads on Google’s Play Store and come pre-installed as system applications on devices bought from affected telecommunications operators, including AT&T, TELUS, Rogers Communications, Bell Canada, and Freedom Mobile.


Comment so far

  1. The ability to talk, on any wave, freely.

Leave a reply