CVE-2016-6727
critical
CVSS v3
9.8
CVSS v2
10.0
VIR risk
9.8
Description
The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code.
Predictions
Exploit likelihood
97%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: security@android.com — https://source.android.com/security/bulletin/2016-11-01
References
- http://support.blackberry.com/kb/articleDetail?articleNumber=000038666
- http://www.securityfocus.com/bid/94133
- https://source.android.com/security/bulletin/2016-11-01
- http://support.blackberry.com/kb/articleDetail?articleNumber=000038666
- http://www.securityfocus.com/bid/94133
- https://source.android.com/security/bulletin/2016-11-01
CWEs
CWE-264
Verify integrity in audit chain (admin only). AS-IS.