Android devices could be compromised with a persistent backdoor should four high-severity security flaws in pre-installed Android System apps' mobile framework be exploited, according to SecurityWeek.
Threat actors could leverage the already-patched vulnerabilities namely CVE-2021-42598, CVE-2021-42599, CVE-2021-42600, and CVE-2021-42601 which have been found in mce Systems' mobile framework to facilitate system configuration and sensitive data access, an advisory from the Microsoft 365 Defender Research Team warned.
"The framework seemed to be designed to offer self-diagnostic mechanisms to identify and resolve issues impacting the Android device, indicating its permissions were inherently broad with access to valuable resources... Moreover, we found that the framework was being used by default system applications to leverage its self-diagnostic capabilities, demonstrating that the affiliated apps also included extensive device privileges that could be exploited via the vulnerable framework," said researchers, which added that other Android and iOS apps are also impacted by some of the identified bugs.
However, Microsoft emphasized that there has been no indication suggesting active exploitation of the flaws.