Bugtraq mailing list archives

[CVE-2013-4763|CVE-2013-4764] Vulnerability in built-in system app of Samsung Galaxy S3/S4
From: 醉麻 <mazuishenghuo () gmail com>
Date: Tue, 16 Jul 2013 10:13:43 +0800

Hi list,
I would like to inform you that the details of the vulnerability in
built-in system app of Samsung Galaxy S3/S4 (assigned as CVE-2013-4763
and CVE-2013-4764) are now disclosed to public.

In Samsung Galaxy S3/S4, a pre-loaded app, i.e.,
sCloudBackupProvider.apk, is used to provide backup functionality for
the users, and it unintentionally exposes several unprotected
components. By exploiting these unprotected components, an
unprivileged app can trigger a so-called “restore” operation to write
SMS messages back to the standard SMS database file (mmssms.db) used
by the system messaging app, i.e., SecMms.apk. As a result, a smishing
attack can effectively create and inject arbitrary (fake) SMS text
messages. Similarly, fake MMS messages and call logs are also
possible. This vulnerability has been disclosed in CVE-2013-4763.

Also, these components can be sequentially triggered in a specific
order to create arbitrary SMS content, inject it into the system-wide SMS
database, and then trigger the built-in SMS-sending behavior (to
arbitrary destination). This vulnerability has been disclosed in
CVE-2013-4764.

QIHU Inc. discovered these vulnerabilities and informed Samsung Corp. on
June 10, 2013. Samsung confirmed the vulnerability and is now preparing
an OTA update. As a temporary workaround, disabling the
sCloudBackupProvider.apk app would help block known attack vectors.

Details of CVE-2013-4763 and CVE-2013-4764 can also be found on QIHU
Inc.'s official site:
http://shouji.360.cn/securityReportlist/CVE-2013-4763.html
http://shouji.360.cn/securityReportlist/CVE-2013-4764.html

Regards,
Z.X. from QIHU Inc.
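The root cause described in the advisory is an app that ships components reachable by any unprivileged app: exported (explicitly, or implicitly through an intent-filter) and not guarded by a permission. The script below is an added example, not part of the advisory and not QIHU's or Samsung's code: it audits an AndroidManifest.xml for exactly that weak configuration and reports components that any installed app could invoke. The manifest it parses is constructed for the example; its package, authority and component names are placeholders and are not the real sCloudBackupProvider.apk manifest. It shows the weak setting (an exported provider and an intent-filter receiver with no permission) beside two corrected forms (a signature-level permission, and `android:exported="false"`). Treating a provider with no `android:exported` attribute as exported is a deliberate conservative assumption, matching the pre-API-17 platform default that the Galaxy S3/S4 firmware of that era still fell under.

```python
"""Audit an AndroidManifest.xml for components reachable by any
unprivileged app: exported (explicitly, or implicitly via an
<intent-filter>) and not guarded by a permission.

Added example for this advisory. The manifest below is constructed;
its package and component names are placeholders, not the real
sCloudBackupProvider.apk manifest.
"""
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
COMPONENT_TAGS = ("activity", "service", "receiver", "provider")

# Constructed sample manifest: one unprotected provider and one
# unprotected receiver (the weak configuration), one provider locked
# with a signature permission, and one receiver explicitly not exported.
SAMPLE_MANIFEST = """<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.backupprovider">
  <permission android:name="com.example.backupprovider.RESTORE"
              android:protectionLevel="signature" />
  <application>
    <provider android:name=".RestoreProvider"
              android:authorities="com.example.backupprovider.restore"
              android:exported="true" />
    <receiver android:name=".RestoreTriggerReceiver">
      <intent-filter>
        <action android:name="com.example.backupprovider.ACTION_RESTORE" />
      </intent-filter>
    </receiver>
    <provider android:name=".ProtectedProvider"
              android:authorities="com.example.backupprovider.protected"
              android:exported="true"
              android:permission="com.example.backupprovider.RESTORE" />
    <receiver android:name=".InternalReceiver"
              android:exported="false">
      <intent-filter>
        <action android:name="com.example.backupprovider.ACTION_INTERNAL" />
      </intent-filter>
    </receiver>
  </application>
</manifest>
"""


def _attr(elem, name):
    """Read an attribute from the android: namespace."""
    return elem.get(f"{{{ANDROID_NS}}}{name}")


def is_exported(elem):
    """Platform rule: an explicit android:exported wins; otherwise a
    component is exported iff it declares an <intent-filter>. A provider
    with no attribute is treated as exported (assumption: the pre-API-17
    default, which applies to the firmware generation in the advisory)."""
    explicit = _attr(elem, "exported")
    if explicit is not None:
        return explicit.lower() == "true"
    if elem.tag == "provider":
        return True
    return elem.find("intent-filter") is not None


def is_protected(elem):
    """A component is guarded if it requires a permission (for providers,
    a read or write permission also counts)."""
    return any(_attr(elem, a) for a in ("permission", "readPermission", "writePermission"))


def find_unprotected_components(manifest_xml):
    """Return (tag, name) pairs for components any installed app could reach."""
    root = ET.fromstring(manifest_xml)
    app = root.find("application")
    findings = []
    if app is None:
        return findings
    for elem in app:
        if elem.tag not in COMPONENT_TAGS:
            continue
        if is_exported(elem) and not is_protected(elem):
            findings.append((elem.tag, _attr(elem, "name")))
    return findings


if __name__ == "__main__":
    for tag, name in find_unprotected_components(SAMPLE_MANIFEST):
        print(f"UNPROTECTED {tag}: {name}")
```

Run against a real manifest (decoded with apktool or aapt), it flags `.RestoreProvider` and `.RestoreTriggerReceiver` in the sample and stays silent on the two corrected declarations; the same check is what the permanent fix for a pre-loaded app amounts to, either `android:exported="false"` for components only the app itself needs, or a signature-level permission on anything that must stay reachable.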

