Researchers at IBM’s X-Force Application Security Research Team discovered the flaw several months ago and worked with Google on a patch that was deployed recently. Disclosure of the vulnerability was shared by IBM’s X-Force team on Thursday.Īccording to X-Force, the vulnerability was “undocumented” and is tied to LG manufactured Nexus 5X’s Android running OS images 6.0 MDA39E through 6.0.1 MMB29V or running bootloaders bhz10i/k. Researchers said it is unaware of known public exploits of this vulnerability. “The vulnerability would have permitted an attacker to obtain a full memory dump of the Nexus 5X device, allowing sensitive information to be exfiltrated from the device without it being unlocked,” according Roee Hay, application security research team leader at X-Force. Using Android OS developer tools, attackers can sift through memory dump data and retrieve the device’s lock-screen password.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |