![]() ![]() ![]() Following notification from Check Point on November 15, 2015, AirDroid rolled out fixed application on Janu(ver 3.2.0). AirDroid is an Android device manager application that enables users to access their Android devices remotely from their computers. Research at a GlanceĬheck Point recently discovered a significant vulnerability (CVE-2015-8112) that allows attackers to execute malicious code during an AirDroid session. The Check Point’s Mobile Threat Prevention solution, for example, is able to detect and alert users who are at risk from these vulnerabilities and allow IT managers to monitor the patching of their mobile environment. IT managers who wish to protect their devices and sensitive data must use a more comprehensive and complete security measure. IT and security managers cannot rely on employees to apply application patches in order to be protected. Many known vulnerabilities still exist in various apps, and many more remain to be discovered. This is not the only vulnerability which exposes Android users to potential attacks and data thefts. Once exploited, the App enables the attackers to execute code on the device in order to steal data and send it back to their servers. The user then saves the contact to his device, allowing the malicious payload to exploit a vulnerability in the AirDroid application. This is made possible by the following procedure: an attacker sends an SMS or its equivalent which contain a malicious payload to his victim, masqueraded as a legitimate contact. Using the newly revealed vulnerability, an attacker can steal data from unsuspecting users. AirDroid is a device manager app which allows users to access their Android devices through their computers. ![]() This vulnerability affects the 50 million AirDroid users around the globe. Check Point alerted AirDroid that its Android device manager app is vulnerable to phone data hijacking and malicious code execution by remote attackers.Ī new vulnerability in the AirDroid App was revealed by Check Point. ![]()
0 Comments
Leave a Reply. |