Experts at Zimperium Mobile Security Labs (zLabs) recently discovered a critical flaw, dubbed Stagefright affecting the Android OS.
The experts revealed that the Stagefright flaw (CVE-2015-1538) potentially affects 95% of Android devices running version 2.2 to 5.1 of the Google OS (roughly 950 million smartphones). The Zimperium firm consider the Stagefright vulnerability as the worst Android flaw in the mobile OS history, the vulnerability affects a media library app that is used for by Android to process Stagefright media files. According to the experts at Zimperium the media library is affected by several vulnerabilities.
“We are pleased to finally make this code available to the general public so that security teams, administrators, and penetration testers alike may test whether or not systems remain vulnerable. What follows is a python script that generates an MP4 exploiting the ‘stsc’ vulnerability otherwise known as CVE-2015-1538 (#1).” states Zimperium.
The experts released the Stagefright exploits to allow security experts to examine their systems against this vulnerability.
According to the US-CERT/CC advisory, the Android Stagefright contains multiple vulnerabilities including:
The experts released the slides for the Stagefright exploit presented at the last Black Hat and DEF CON conference. The full video of the presentation at the Black Hat is available on YouTube.
The experts released the Stagefright exploit (Stagefright_CVE-2015-1538-1_Exploit.py).
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.