Chrome Exploit Allegedly Gives Root Access to Virtually Any Android Device

Advertisement
By Manish Singh | Updated: 13 November 2015 17:49 IST
Chrome Exploit Allegedly Gives Root Access to Virtually Any Android Device

A critical vulnerability in Chrome for Android has been reported that makes it possible for attackers to take over a device. The vulnerability was demonstrated at the MobilePwn2Own, PacSec conference in Tokyo. The researcher believes that the vulnerability affects all versions of Android capable of running the latest version of Chrome.

Qihoo 360 researcher Guang Gong showcased the exploit. The vulnerability resides in JavaScript v8, Google's open source JavaScript engine. For the vulnerability to be exploited, users needs to be tricked to visit a malicious website using Chrome Web browser.

An attacker is then able to install an arbitrary application and gain the full privileges of the device. He noted that the attack was "one shot exploit," essentially meaning that just one vulnerability was enough to perform the attack. The exploit worked on many other devices as well, said Dragos Ruiu, the organiser of PacSec.

"The impressive thing about Guang's exploit is that it was one shot; most people these days have to exploit several vulnerabilities to get privileged access and load software without interaction," Ruiu told Vulture South.

Advertisement

"As soon as the phone accessed the website the JavaScript v8 vulnerability in Chrome was used to install an arbitrary application (in this case a BMX Bike game) without any user interaction to demonstrate complete control of the phone."

Working details of the vulnerability haven't been disclosed, and Ruiu said that Google had been made aware of the vulnerability.

Advertisement

At the same event, two security researchers managed to trick the Samsung Galaxy S6, Galaxy S6 Edge, and the Galaxy Note 4 to connect to a compromised base station and had the calls and messages go through it. As a result of which, a victim's calls and messages could be intercepted.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement

Related Stories

Popular Mobile Brands
  1. Amazon Prime Day Sale: Samsung Galaxy S24 Ultra Discount Revealed
  2. How to Upgrade to BSNL 4G/ 5G SIM Card Online: A Step-by-Step Guide
  3. OnePlus Nord 5, Nord CE 5 Launch Today: Everything You Need to Know
  4. AI+ Nova 5G, Pulse Phones India Launch Today: How to Watch Live Event
  5. Honor X9c 5G With 6,600mAh Battery Launched in India: Price, Features
  6. Realme 15 Pro 5G Leaked Render Shows Design Ahead of India Launch
  7. Here's How Much the Vivo X Fold 5 and Vivo X200 FE Might Cost in India
  8. Xiaomi Compact Power Bank 20,000mAh Launched in India: Price, Features
  9. Samsung Smart Monitor M9 Launched in India Alongside Updated M8, M7 Models
  10. Infinix Hot 60 5G+ to Launch in India on This Day With a One Tap AI Button
  1. AI+ Nova 5G, Pulse India Launch Today: Know Price, Specifications and More
  2. OnePlus Nord 5, Nord CE 5 Launch Today: Know Price, Expected Features and Specifications
  3. Realme 15 Pro 5G Leaked Render Shows Design Ahead of India Launch
  4. Samsung Smart Monitor M9 With QD-OLED Display Launched in India Alongside Refreshed M8, M7 Models
  5. Samsung Galaxy S26 Ultra Said to Get 16GB RAM, Improved Telephoto Lens, More
  6. Xiaomi Compact Power Bank 20,000mAh Launched in India With Built-In Cable: Price, Features
  7. Forza Motorsport Team 'No More', Romero Games 'Completely Closed' Following Microsoft Cuts
  8. Honor X70 Tipped to Launch With an 8,300mAh Battery, Snapdragon 6 Gen 4 SoC
  9. iPhone 15 to Get a Discount During Amazon Prime Day 2025 Sale: Price Revealed
  10. Realme 15 Series to Feature AI Edit Genie, a Voice-Enabled Photo Editing Tool
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.