Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In several functions of NotificationManagerService.java and related files, there is a possible way to record audio from the background without notification to the user due to a permission bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-119041698
No PoCs from references.
- https://github.com/7homasSutter/SimpleSpyware
- https://github.com/7homasSutter/SimpleySpyware
- https://github.com/coderlava/SimpleSpyware
- https://github.com/jocker35/SimpleSpyware