Vulnerabilities (Page 13)

Attacking Android Antivirus Applications

A fairly classic mobile issue, the McAfee Security: Antivirus VPN is a highly privileged app and it exports a fairly generic MainActivity.The MainActivity is rather dynamic in terms of what type content it’ll load, basically acting as a wrapper to load whatever the real intent was…

 

XNU: NFSSVC root check bypass; use after free due to insufficient locking in upcall worker threads

This was a fun authorization check bypass because when checking if higher privileges were needed the flag value was checked for equality with the two privileged actions.Later on however, when deciding what handler to use to handle to request, it used a bitwise operation to check if the specific bit is set…