{"id":139905,"date":"2022-05-28T09:02:18","date_gmt":"2022-05-28T14:02:18","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2022\/05\/microsoft-finds-severe-bugs-in-android-apps-from-large-mobile-providers"},"modified":"2022-05-28T09:02:18","modified_gmt":"2022-05-28T14:02:18","slug":"microsoft-finds-severe-bugs-in-android-apps-from-large-mobile-providers","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2022\/05\/microsoft-finds-severe-bugs-in-android-apps-from-large-mobile-providers","title":{"rendered":"Microsoft finds severe bugs in Android apps from large mobile providers"},"content":{"rendered":"

<\/a><\/p>\n

Microsoft security researchers have found high severity vulnerabilities in a framework used by Android apps from multiple large international mobile service providers.<\/p>\n

The researchers found these vulnerabilities (tracked as CVE-2021\u201342598<\/a>, CVE-2021\u201342599<\/a>, CVE-2021\u201342600<\/a>, and CVE-2021\u201342601<\/a>) in a mobile framework owned by mce Systems<\/a> exposing users to command injection and privilege escalation attacks.<\/p>\n

The vulnerable apps have millions of downloads on Google\u2019s Play Store and come pre-installed as system applications on devices bought from affected telecommunications operators, including AT&T, TELUS<\/a>, Rogers Communications<\/a>, Bell Canada<\/a>, and Freedom Mobile<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Microsoft security researchers have found high severity vulnerabilities in a framework used by Android apps from multiple large international mobile service providers. The researchers found these vulnerabilities (tracked as CVE-2021\u201342598, CVE-2021\u201342599, CVE-2021\u201342600, and CVE-2021\u201342601) in a mobile framework owned by mce Systems exposing users to command injection and privilege escalation attacks. The vulnerable apps have [\u2026]<\/p>\n","protected":false},"author":396,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1492],"tags":[],"class_list":["post-139905","post","type-post","status-publish","format-standard","hentry","category-security"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/139905","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/396"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=139905"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/139905\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=139905"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=139905"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=139905"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}