CVE-2014-8609

Android Settings Pendingintent Leak

Severity Score

7.2

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The addAccount method in src/com/android/settings/accounts/AddAccountSettings.java in the Settings application in Android before 5.0.0 does not properly create a PendingIntent, which allows attackers to use the SYSTEM uid for broadcasting an intent with arbitrary component, action, or category information via a third-party authenticator in a crafted application, aka Bug 17356824.

El método addAccount en src/com/android/settings/accounts/AddAccountSettings.java en la aplicación Settings en Android anterior a 5.0.0 no crea correctamente un PendingIntent, lo que permite a atacantes utilizar la uid SYSTEM para emitir un intento con información arbitraria de componentes, acciones o categorías a través de un autenticador tercera parte en una aplicación manipulada, también conocido como Bug 17356824.

In Android versions prior to 5.0 and possibly greater than and equal to 4.0, Settings application leaks Pendingintent with a blank base intent (neither the component nor the action is explicitly set) to third party applications. Due to this, a malicious app can use this to broadcast intent with the same permissions and identity of the Settings application, which runs as SYSTEM uid.

*Credits: N/A

CVSS Scores

NISTv2 7.2

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2014-11-04 CVE Reserved
2014-11-26 CVE Published
2015-04-07 First Exploit
2023-03-07 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-264: Permissions, Privileges, and Access Controls

CAPEC

References (7)

URL	Tag	Source

URL	Date	SRC
https://github.com/MazX0p/CVE-2014-8609-POC	2021-07-17
https://github.com/ratiros01/CVE-2014-8609-exploit	2022-05-16
https://github.com/locisvv/Vulnerable-CVE-2014-8609	2015-04-07
http://packetstormsecurity.com/files/129281/Android-Settings-Pendingintent-Leak.html	2024-08-06
http://seclists.org/fulldisclosure/2014/Nov/81	2024-08-06
http://xteam.baidu.com/?p=158	2024-08-06

URL	Date	SRC

URL	Date	SRC
https://android.googlesource.com/platform/packages/apps/Settings/+/f5d3e74ecc2b973941d8adbe40c6b23094b5abb7	2014-12-16

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				<= 4.4.4 Search vendor "Google" for product "Android" and version " <= 4.4.4"		-		Affected
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				4.0 Search vendor "Google" for product "Android" and version "4.0"		-		Affected
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				4.0.1 Search vendor "Google" for product "Android" and version "4.0.1"		-		Affected
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				4.0.2 Search vendor "Google" for product "Android" and version "4.0.2"		-		Affected
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				4.0.3 Search vendor "Google" for product "Android" and version "4.0.3"		-		Affected
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				4.0.4 Search vendor "Google" for product "Android" and version "4.0.4"		-		Affected
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				4.1 Search vendor "Google" for product "Android" and version "4.1"		-		Affected
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				4.1.2 Search vendor "Google" for product "Android" and version "4.1.2"		-		Affected
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				4.2 Search vendor "Google" for product "Android" and version "4.2"		-		Affected
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				4.2.1 Search vendor "Google" for product "Android" and version "4.2.1"		-		Affected
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				4.2.2 Search vendor "Google" for product "Android" and version "4.2.2"		-		Affected
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				4.3 Search vendor "Google" for product "Android" and version "4.3"		-		Affected
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				4.3.1 Search vendor "Google" for product "Android" and version "4.3.1"		-		Affected
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				4.4 Search vendor "Google" for product "Android" and version "4.4"		-		Affected
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				4.4.1 Search vendor "Google" for product "Android" and version "4.4.1"		-		Affected
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				4.4.2 Search vendor "Google" for product "Android" and version "4.4.2"		-		Affected
Google Search vendor "Google"		Android Search vendor "Google" for product "Android"				4.4.3 Search vendor "Google" for product "Android" and version "4.4.3"		-		Affected