Google fixes Nexus security vulnerability

Google has fixed a security flaw in its Nexus 6 and 6P devices that would have allowed hackers to intercept calls.

It has been reported that Google has just fixed a vulnerability in its Android operating system that would have allowed hackers to listen in to calls.

The vulnerability was present in Google’s Nexus 6 and 6P smartphones and gave hackers with USB access the ability to take over the onboard modem during boot up. This allowed them to listen to calls and intercept mobile data packets.

Roee Hay and Michael Goberman, from IBM's X-Force Application Security Research Team – which discovered the vulnerability – have said that “this level of access to the Nexus 6 modem allows attackers to find the exact GPS co-ordinates with detailed satellite information, place phone calls, steal call information and access or change non-volatile (NV) items or the EFS partition”.

Ars Technica reported that the vulnerability “was complex to activate,” since it required the victim to have Android Debug Bridge (ADB) enabled on their devices. This is a debugging mode used by developers to load Android application packages (APK) onto phones.

The security flaw – tracked as CVE-2016-8467 – also required users to have manually authorised ADB connectivity with an infected PC or charger.

According to Mr Hay and Mr Goberman, the Nexus 6P vulnerability “enables the ADB interface even if it was disabled in the developer settings user interface (UI)”. They added: “With access to an ADB-authorised PC, a physical attacker could open an ADB session with the device and cause the ADB host running under the victim’s PC to RSA-sign the ADB authentication token even if the PC is locked.”

They explained that this type of ADB connection would allow an attacker to install malware on a device. They went on to say that PC malware on an ADB-authorised machine “might also exploit CVE-2016-8467 to enable ADB and install Android malware,” adding that the PC malware “waits for the victim to place the device in the fastboot mode to exploit the vulnerability”.

It has not been announced whether the researchers have found the flaw in other devices.
