Vulnerabilities

CVE-2013-2599

by Fred · 31/08/2014

A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonConnector class in services/java/com/android/server/NativeDaemonConnector.java in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.3.x enables debug logging, which allows attackers to obtain sensitive disk-encryption passwords via a logcat call.

Date published : 2014-08-31

https://www.codeaurora.org/projects/security-advisories/logging-potentially-sensitive-information-nativedaemonconnector-cve-2013-2599

Related

Tags: Cybersecurity Alert