Top

Privilege Escalation Vulnerability Found in Honeywell Android Computers

September 17, 2018

Category:

A total of 17 Honeywell handheld computers were recently found vulnerable to a privilege escalation bug that could enable attackers to fully compromise the device and its stored data.

The remotely exploitable vulnerability (CVE-2018-14825) has been tagged as “Improper Privilege Management,” and exploitation involves a tampered third-party app that elevates privileges once installed on the device. Affected devices include the CT60, CN80, CT40, CK75, CN75, CT50, D75e, CN51, and EDA series, all running Android distributions ranging from Android 4.4 to Android 8.1.

“A skilled attacker with advanced knowledge of the target system could exploit this vulnerability by creating an application that would successfully bind to the service and gain elevated system privileges,” reads the advisory. “This could enable the attacker to obtain access to keystrokes, passwords, personal identifiable information, photos, emails, or business-critical documents.”

Read More on Hot for Security