cve/2017/CVE-2017-13253.md

CVE-2017-13253

Description

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-71389378.

POC

Reference

• https://www.exploit-db.com/exploits/44291/

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/lnick2023/nicenice
• https://github.com/qazbnm456/awesome-cve-poc
• https://github.com/tamirzb/CVE-2017-13253
• https://github.com/xbl3/awesome-cve-poc_qazbnm456