Google engineers have fixed a vulnerability in Android that affected Google’s flagship device, the Nexus 5X. The vulnerability allowed data to be exfiltrated from the phone using a forced memory dump and let hackers bypass the lockscreen.
The vulnerability was first identified by IBM’s X-Force Application Security Research team. Using this flaw, attackers could have obtained the device’s password credentials to unlock the screen. Moreover, attackers could leverage this security hole to exfiltrate data, or even sensitive information, without the device being unlocked.
“The problem is that in the vulnerable versions of the bootloader, such a crash would cause the bootloader to expose a serial-over-USB connection, which would allow an attacker to obtain a full memory dump of the device using tools such as QPST Configuration,” wrote Roee Hay, application security research team leader at X-Force, in a blog post.
Hay confirmed that the vulnerability affected the LG Nexus 5X running Android OS 6.0 MDA39W and 6.0.1 MMB29V with the bhz10i/k bootloader. There is no recorded data of public exploits of this vulnerability. Also, non-Nexus 5X devices seem to be unaffected by it.
Carrying out the attack without physical access to the device is a bit difficult. An attacker could do so by infecting an ADB-authorised developer’s PC with malware. Another way of reaching an ADB-enabled device would have been through a malicious charger.
It is unclear whether LG hardware has anything to do with this. However, the issue appears to affect only Nexus 5X devices running specific Android OS builds. It was easier for Google to roll out the fix for the Nexus 5X because Google directly handles the update cycle for Nexus devices.