Rewterz Threat Alert – Quasar RAT – Active IOCs
December 3, 2021Rewterz Threat Advisory – ICS: Schneider Electric SESU Vulnerability
December 3, 2021Rewterz Threat Alert – Quasar RAT – Active IOCs
December 3, 2021Rewterz Threat Advisory – ICS: Schneider Electric SESU Vulnerability
December 3, 2021Severity
High
Analysis Summary
CVE-2022-20002
Google Android could allow a local authenticated attacker to bypass security restrictions, caused by improper access control by the vold’s IPC handlers related to incremental-fs (“mountIncFs”, “unmountIncFs”, “bindMount”). By executing a specially-crafted program, an attacker could exploit this vulnerability to allow “system_server” to trigger mounting on directories, not under system_server control
Impact
- Security Bypass
Affected Vendors
Affected Products
- Google Android
Remediation
Upgrade to the latest version of Android, available from the Google Web site.