Explore the hidden Remote Code Execution (RCE) vulnerabilities in Android OS libraries that process incoming files through various APIs. Dive into how these libraries handle files from untrusted sources, including those sent via MMS, chat apps, emails, and web browsers. Learn about the potential security risks associated with processing these files in system applications like Gallery, Photos, and Settings. Presented by Qidan He and Juntao Wu, this 42-minute Black Hat conference talk uncovers critical security insights for Android developers and cybersecurity professionals.
Overview
Syllabus
The Hidden RCE Surfaces That Control the Droids
Taught by
Black Hat
Related Courses
-
Is WebAssembly Really Safe? - Wasm VM Escape and RCE Vulnerabilities Have Been Found in New Way
-
SolarWinds One Year Later - The Story of an Unauthenticated RCE in the Orion Platform
-
Hacking JavaScript Desktop Apps with XSS and RCE
-
Server-Side Template Injection - RCE for the Modern Web App
-
Diving Into Spooler - Discovering LPE and RCE Vulnerabilities in Windows Printer
-
Dangling Packages Leading to RCE
