Any device with Android Security Patch Level (ASPL) later that 2021-05-05 will be protected from exploitation of these vulnerabilities. With that in mind, Lookout Admins should set the minimum required ASPL as 2021-05-05 if the user wants to access any corporate resources from their mobile device. By implementing access policies that only allow users and devices with the most up-to-date app versions installed on their devices, Lookout admins can ensure that threat actors don’t use vulnerable apps to access sensitive data.
It was recently discovered that a handful of preinstalled Android apps had vulnerabilities that could be exploited on exposed Samsung devices. The initial analysis of these apps by Oversecured shows that the vulnerabilities could allow threat actors to access and edit the victim’s contacts, calls, SMS and MMS, install arbitrary apps with device administrator rights, or read and write files on behalf of a user to change the device’s settings. Below is a list of the affected apps and descriptions of the potential malicious actions:
Access to these types of data could lead to corporate data leakage and compliance violations if the device user has stored sensitive files locally on their device or communicated with colleagues about sensitive topics like research and development projects. Attackers know that mobile devices can access corporate data but oftentimes aren’t secured in the same way as laptops and desktops with access to the same data. To exploit these vulnerabilities, an attacker would most likely build a malicious third-party app that they would convince targeted victims to download through socially engineered mobile phishing campaigns.
Any device with Android Security Patch Level (ASPL) later that 2021-05-05 will be protected from exploitation of these vulnerabilities. With that in mind, Lookout Admins should set the minimum required ASPL as 2021-05-05 if the user wants to access any corporate resources from their mobile device. By implementing access policies that only allow users and devices with the most up-to-date app versions installed on their devices, Lookout admins can ensure that threat actors don’t use vulnerable apps to access sensitive data.
September 22, 2023
Apple recently released two software updates for iOS and iPad OS for vulnerabilities that can form an exploit chain and are also known to install Predator spyware.
September 15, 2023
September 19, 2023