CVE-2018-6597 — MEDIUM (6.8)

Vulnerability Description

The Alcatel A30 device with a build fingerprint of TCL/5046G/MICKEY6US:7.0/NRD90M/J63:user/release-keys contains a hidden privilege escalation capability to achieve command execution as the root user. They have made modifications that allow a user with physical access to the device to obtain a root shell via ADB. Modifying the read-only properties by an app as the system user creates a UNIX domain socket named factory_test that will execute commands as the root user by processes that have privilege to access it (as per the SELinux rules that the vendor controls).

CVSS Score

6.8

MEDIUM

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Alcatel	A30 Firmware	7.0
Alcatel	A30	-

References

https://www.kryptowire.com/portal/android-firmware-defcon-2018/Third Party Advisory
https://www.kryptowire.com/portal/android-firmware-defcon-2018/Third Party Advisory

FAQ

What is CVE-2018-6597?

CVE-2018-6597 is a vulnerability with a CVSS score of 6.8 (MEDIUM). The Alcatel A30 device with a build fingerprint of TCL/5046G/MICKEY6US:7.0/NRD90M/J63:user/release-keys contains a hidden privilege escalation capability to achieve command execution as the root user....

How severe is CVE-2018-6597?

CVE-2018-6597 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-6597?

Check the references section above for vendor advisories and patch information. Affected products include: Alcatel A30 Firmware, Alcatel A30.