MTKLogger vulnerability - Githubissues

MuntashirAkon / android-debloat-list

[WIP] A comprehensive list of apps for debloating Android with suggestions and vulnerabilities, based on but independent of UAD project.

GNU Affero General Public License v3.0

198 stars 17 forks source link

MTKLogger vulnerability #21

Open MuntashirAkon opened 1 year ago

MuntashirAkon commented 1 year ago

Please check before submitting an issue

[X] I have investigated the app and created a report

Vulnerability report

CVE-2016-10135

Package name

com.mediatek.mtklogger

Package label

MTKLogger

Affected versions

Requires investigation. See additional context below.

Removal

Remove

Additional context

It has two exported vulnerable components which can be exploited:

com.mediatek.mtklogger.framework.LogReceiver
com.mediatek.mtklogger.framework.MTKLoggerService

Therefore, any version with those two exported components should be vulnerable to this attack.