430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Zimperium firm released the Android Stagefright Exploit Code

Zimperium firm released the Android Stagefright Exploit Code, the Android flaw that is threatening the users of the popular Google mobile OS. Experts at Zimperium Mobile Security Labs (zLabs) recently discovered a critical flaw, dubbed Stagefright affecting the Android OS. The experts revealed that the Stagefright flaw (CVE-2015-1538) potentially affects 95% of Android devices running version 2.2 to 5.1 of […]

Zimperium firm released the Android Stagefright Exploit Code

Zimperium firm released the Android Stagefright Exploit Code, the Android flaw that is threatening the users of the popular Google mobile OS.

Experts at Zimperium Mobile Security Labs (zLabs) recently discovered a critical flaw, dubbed Stagefright affecting the Android OS.

The experts revealed that the Stagefright flaw (CVE-2015-1538) potentially affects 95% of Android devices running version 2.2 to 5.1 of the Google OS (roughly 950 million smartphones).  The Zimperium firm consider the Stagefright vulnerability as the worst Android flaw in the mobile OS history, the vulnerability affects a media library app that is used for by Android to process Stagefright media files. According to the experts at Zimperium the media library is affected by several vulnerabilities.

Now Zimperium experts have publicly released the Stagefright Exploit, demonstrating how to trigger the Remote Code Execution (RCE).
The researchers implemented the Stagefright Exploit in python by creating an MP4 exploiting the ‘stsc’ vulnerability, aka Stagefright vulnerability.

“We are pleased to finally make this code available to the general public so that security teams, administrators, and penetration testers alike may test whether or not systems remain vulnerable. What follows is a python script that generates an MP4 exploiting the ‘stsc’ vulnerability otherwise known as CVE-2015-1538 (#1).states Zimperium.

The experts released the Stagefright exploits to allow security experts to examine their systems against this vulnerability.

Stagefright tool

According to the US-CERT/CC advisory, the Android Stagefright contains multiple vulnerabilities including:

  • CVE-2015-1538, P0006, Google Stagefright ‘stsc’ MP4 Atom Integer Overflow Remote Code Execution
  • CVE-2015-1538, P0004, Google Stagefright ‘ctts’ MP4 Atom Integer Overflow Remote Code Execution
  • CVE-2015-1538, P0004, Google Stagefright ‘stts’ MP4 Atom Integer Overflow Remote Code Execution
  • CVE-2015-1538, P0004, Google Stagefright ‘stss’ MP4 Atom Integer Overflow Remote Code Execution
  • CVE-2015-1539, P0007, Google Stagefright ‘esds’ MP4 Atom Integer Underflow Remote Code Execution
  • CVE-2015-3827, P0008, Google Stagefright ‘covr’ MP4 Atom Integer Underflow Remote Code Execution
  • CVE-2015-3826, P0009, Google Stagefright 3GPP Metadata Buffer Overread
  • CVE-2015-3828, P0010, Google Stagefright 3GPP Integer Underflow Remote Code Execution
  • CVE-2015-3824, P0011, Google Stagefright ‘tx3g’ MP4 Atom Integer Overflow Remote Code Execution
  • CVE-2015-3829, P0012, Google Stagefright ‘covr’ MP4 Atom Integer Overflow Remote Code Execution

The experts released the slides for the Stagefright exploit presented at the last Black Hat and DEF CON conference. The full video of the presentation at the Black Hat is available on YouTube.

The experts released the Stagefright exploit (Stagefright_CVE-2015-1538-1_Exploit.py).

Pierluigi Paganini

(Security Affairs – Stagefright exploit, Android)