CVE-2017-13255: Out-of-bounds write vulnerability in Android's Bluetooth SDP server component allowing remote code execution without user interaction.

Description Preview

CVE-2017-13255 is a critical vulnerability in Android's Bluetooth Service Discovery Protocol (SDP) server implementation. The vulnerability exists in the process_service_attr_req function of sdp_server.c, where a missing bounds check allows an attacker to perform an out-of-bounds write operation. This can lead to remote code execution on affected Android devices with no additional privileges required and without any user interaction. The vulnerability affects multiple Android versions from 5.1.1 through 8.1.

Overview

This vulnerability (CWE-787: Out-of-bounds Write) in Android's Bluetooth stack allows an attacker within Bluetooth range to execute arbitrary code on the target device. The issue occurs in the Service Discovery Protocol (SDP) server component when processing service attribute requests. Due to improper bounds checking in the process_service_attr_req function in sdp_server.c, an attacker can trigger an out-of-bounds write, potentially leading to memory corruption and code execution. The attack can be performed remotely without user interaction, making this vulnerability particularly dangerous. An attacker could exploit this vulnerability to gain control of an affected device, access sensitive data, or perform other malicious actions with the privileges of the Bluetooth service.

Remediation

Users should update their Android devices to the latest security patch level. Google addressed this vulnerability in the March 2018 Android Security Bulletin. The following actions are recommended:

  1. Update your Android device to a security patch level of March 2018 or later.
  2. If updates are not available for your device, consider these mitigations:
    • Disable Bluetooth when not in use
    • Avoid pairing with unknown Bluetooth devices
    • Keep your device in non-discoverable mode when Bluetooth is enabled
  3. Device manufacturers should apply the patches provided by Google to their customized Android builds.
  4. Enterprise administrators should ensure all managed Android devices are updated to the latest security patch level.
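
For the fleet check in step 4, the following added example (not part of the original advisory or any vendor tooling) classifies devices by Android release and security patch level against the affected versions and the March 2018 threshold stated on this page. It assumes an inventory of (device id, release, patch level) rows with the patch level in the `YYYY-MM-DD` form Android reports in `ro.build.version.security_patch`; the device names, status labels and sample rows are constructed.

```python
import re
from datetime import date

# Affected releases as listed on this page.
AFFECTED_RELEASES = {"5.1.1", "6.0", "6.0.1", "7.0", "7.1.1", "7.1.2", "8.0", "8.1"}
# Page guidance: security patch level of March 2018 or later.
FIXED_FROM = (2018, 3)
_PATCH_RE = re.compile(r"^(\d{4})-(\d{2})-(\d{2})$")

def parse_patch_level(value):
    """Return (year, month) from a 'YYYY-MM-DD' patch level, or None if unusable."""
    m = _PATCH_RE.match((value or "").strip())
    if not m:
        return None
    year, month, day = map(int, m.groups())
    try:
        date(year, month, day)  # reject impossible dates such as 2017-13-01
    except ValueError:
        return None
    return (year, month)

def classify(release, patch_level):
    """Classify one device as 'patched', 'vulnerable', 'review' or 'not-listed'."""
    if release.strip() not in AFFECTED_RELEASES:
        return "not-listed"  # release is not in this page's affected list
    level = parse_patch_level(patch_level)
    if level is None:
        return "review"  # no trustworthy patch level: handle as unpatched until checked
    return "patched" if level >= FIXED_FROM else "vulnerable"

def audit(inventory):
    """Map device id -> status for an iterable of (id, release, patch_level) rows."""
    return {dev: classify(rel, lvl) for dev, rel, lvl in inventory}

# Constructed sample inventory (for example an MDM export); not real devices.
SAMPLE = [
    ("tablet-01", "7.1.2", "2018-02-05"),
    ("phone-02", "8.1", "2018-03-05"),
    ("phone-03", "6.0.1", ""),
    ("kiosk-04", "5.1.1", "2017-13-01"),
    ("phone-05", "9", "2018-08-01"),
    ("phone-06", "8.0", "2019-01-01"),
]

if __name__ == "__main__":
    for dev, status in audit(SAMPLE).items():
        print(f"{dev}: {status}")
```

Devices reported as `review` have a missing or malformed patch level and should be handled as unpatched until verified on the device itself.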

References

  1. Android Security Bulletin (March 2018): https://source.android.com/security/bulletin/2018-03-01
  2. SecurityFocus BID: 103253 - http://www.securityfocus.com/bid/103253
  3. Android Internal Bug ID: A-68776054
  4. CWE-787: Out-of-bounds Write - https://cwe.mitre.org/data/definitions/787.html

Affected Android versions include 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, and 8.1.

Industry Exposure (most to least)
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Manufacturing: Low
  2. Public Administration: Low
  3. Educational Services: Low
  4. Finance and Insurance: Low
  5. Transportation & Warehousing: Low
  6. Health Care & Social Assistance: Low
  7. Information: Low
  8. Management of Companies & Enterprises: Low
  9. Other Services (except Public Administration): Low
  10. Accommodation & Food Services: Low
  11. Administrative, Support, Waste Management & Remediation Services: Low
  12. Agriculture, Forestry Fishing & Hunting: Low
  13. Arts, Entertainment & Recreation: Low
  14. Construction: Low
  15. Mining: Low
  16. Professional, Scientific, & Technical Services: Low
  17. Real Estate Rental & Leasing: Low
  18. Retail Trade: Low
  19. Utilities: Low
  20. Wholesale Trade: Low
