
CVE-2013-6770

Android 4.3 Superuser Root Privilege Escalation

Severity Score: 9.8 (CVSS v3)
Exploit Likelihood (EPSS): -
Affected Versions (CPE): see the affected vendors, products and versions table below
Public Exploits: 2 (multiple sources)
Exploited in Wild (KEV): -
Decision (SSVC): -
Descriptions

The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.3 and 4.4 does not properly restrict the set of users who can execute /system/xbin/su with the --daemon option, which allows attackers to gain privileges by leveraging ADB shell access and a certain Linux UID, and then creating a Trojan horse script.

The Superuser package for Android 4.3 allows a user to spawn /system/xbin/su with manipulated environment variables to execute code as root.

*Credits: N/A
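The following is an added example and is not code from the Superuser project or from the exploits referenced on this page. It illustrates the two controls the description implies are absent in 1.0.2.1: a caller-uid check before the --daemon option is honoured, and a sanitized environment (fixed PATH, loader variables dropped) for the root daemon, so that a Trojan-horse script dropped by the ADB shell user into a writable PATH entry is never executed as root. The weak and hardened dispatch functions, the TRUSTED_DIRS list and the KEEP allowlist are assumptions chosen for illustration; AID_SHELL (2000) is Android's fixed uid for the ADB shell user.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Android's fixed uid for the ADB shell user (AID_SHELL in system/core). */
#define AID_SHELL 2000

/* Assumed allowlist of directories a root daemon may search for helpers.
 * Anything writable by an unprivileged uid (e.g. /data/local/tmp) must not
 * appear, otherwise a Trojan-horse script placed there runs as root. */
static const char *const TRUSTED_DIRS[] = {
    "/sbin", "/system/sbin", "/system/bin", "/system/xbin", NULL
};

/* Weak pattern (illustrative): --daemon is honoured for any caller, so the
 * ADB shell (uid 2000) can start the daemon under its own environment. */
bool weak_daemon_request_ok(int argc, char *const argv[], uid_t ruid) {
    (void)ruid;
    return argc > 1 && strcmp(argv[1], "--daemon") == 0;
}

/* Hardened pattern: --daemon is honoured only when both the real and the
 * effective uid are 0, i.e. when init starts it at boot, never for an
 * invocation by another uid that merely reached effective root. */
bool hardened_daemon_request_ok(int argc, char *const argv[], uid_t ruid, uid_t euid) {
    if (argc < 2 || strcmp(argv[1], "--daemon") != 0) return false;
    return ruid == 0 && euid == 0;
}

/* Returns true only if every element of PATH is in TRUSTED_DIRS. Empty
 * elements ("::", leading or trailing ':') mean the current directory and
 * are rejected as well. */
bool path_is_trusted(const char *path) {
    if (path == NULL || *path == '\0') return false;
    const char *p = path;
    for (;;) {
        const char *end = strchr(p, ':');
        size_t len = end ? (size_t)(end - p) : strlen(p);
        if (len == 0) return false;
        bool ok = false;
        for (size_t i = 0; TRUSTED_DIRS[i]; i++) {
            if (strlen(TRUSTED_DIRS[i]) == len && strncmp(p, TRUSTED_DIRS[i], len) == 0) {
                ok = true;
                break;
            }
        }
        if (!ok) return false;
        if (!end) return true;
        p = end + 1;
    }
}

/* Builds the environment a root daemon should run with: a fixed PATH plus a
 * short allowlist (assumed) of harmless variables copied from the caller.
 * Everything else, including LD_PRELOAD and LD_LIBRARY_PATH, is dropped.
 * Writes a NULL-terminated array into out and returns the entry count. */
size_t build_daemon_env(char *const inherited[], char *out[], size_t max) {
    static const char *const KEEP[] = { "ANDROID_ROOT=", "ANDROID_DATA=", NULL };
    size_t n = 0;
    if (max < 2) { if (max) out[0] = NULL; return 0; }
    out[n++] = "PATH=/sbin:/system/sbin:/system/bin:/system/xbin";
    for (size_t i = 0; inherited && inherited[i] && n + 1 < max; i++) {
        for (size_t k = 0; KEEP[k]; k++) {
            if (strncmp(inherited[i], KEEP[k], strlen(KEEP[k])) == 0) {
                out[n++] = inherited[i];
                break;
            }
        }
    }
    out[n] = NULL;
    return n;
}

/* True if any entry of a NULL-terminated environment starts with prefix. */
bool env_has_prefix(char *const env[], const char *prefix) {
    for (size_t i = 0; env && env[i]; i++)
        if (strncmp(env[i], prefix, strlen(prefix)) == 0) return true;
    return false;
}

int main(void) {
    /* Constructed sample: what an ADB shell attacker might hand the daemon. */
    char *attacker_env[] = {
        "PATH=/data/local/tmp:/system/bin",
        "LD_PRELOAD=/data/local/tmp/evil.so",
        "ANDROID_ROOT=/system",
        NULL
    };
    char *argv_daemon[] = { "su", "--daemon", NULL };
    printf("weak dispatch, caller uid %d: %s\n", AID_SHELL,
           weak_daemon_request_ok(2, argv_daemon, AID_SHELL) ? "daemon started" : "refused");
    printf("hardened dispatch, caller uid %d: %s\n", AID_SHELL,
           hardened_daemon_request_ok(2, argv_daemon, AID_SHELL, 0) ? "daemon started" : "refused");
    printf("attacker PATH trusted: %s\n", path_is_trusted(attacker_env[0] + 5) ? "yes" : "no");
    char *clean[8];
    size_t n = build_daemon_env(attacker_env, clean, 8);
    for (size_t i = 0; i < n; i++) printf("daemon env: %s\n", clean[i]);
    return 0;
}
```

The real-uid check matters more than the effective-uid check: a setuid-root su already has effective uid 0 when the shell user runs it, so only the real uid tells the binary who actually invoked it.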
CVSS Scores
CVSS v3 (9.8): AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality / Integrity / Availability: High / High / High
CVSS v2 (7.6, computed from the vector; the page records only the v3 score): AV:N/AC:H/Au:N/C:C/I:C/A:C
  • Attack Vector: Network
  • Attack Complexity: High
  • Authentication: None
  • Confidentiality / Integrity / Availability: Complete / Complete / Complete
Triage note: both vectors record a Network attack vector, but the description requires ADB shell access on the device and a specific Linux UID, so in practice this is a local privilege escalation and the Network rating overstates remote reachability.
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2013-11-10 CVE Reserved
  • 2013-11-14 CVE Published
  • 2013-11-14 First Exploit
  • 2024-08-06 CVE Updated
  • 2024-12-17 EPSS Updated
  • Exploited in Wild: no date recorded
  • KEV Due Date: no date recorded
CWE
  • CWE-264: Permissions, Privileges, and Access Controls
References (2)
Affected Vendors, Products, and Versions
Each row pairs the affected package with the platform it runs on; the first Status column applies to the package and the second to the platform entry.

Vendor          Product     Version   Other   Status     Running on: Vendor   Product   Version   Other   Status
Koushik Dutta   Superuser   1.0.2.1   -       Affected   Google               Android   4.3       -       Safe
Koushik Dutta   Superuser   1.0.2.1   -       Affected   Google               Android   4.4       -       Affected