CVE-2014-0997

HIGH

Android < 5.0.1 - Denial of Service via Crafted 802.11 Probe Response Frame

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-0997. PoCs published by Core Security.

AI-analyzed exploit summary This exploit demonstrates a Denial of Service (DoS) vulnerability in Android's WiFi-Direct implementation by sending a malformed 802.11 Probe Response frame, causing an unhandled IllegalArgumentException in the WiFiMonitor class, leading to a system reboot.

Description

WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and potentially other unspecified Android releases before 5.0.1 and 5.0.2 does not properly handle exceptions, which allows remote attackers to cause a denial of service (reboot) via a crafted 802.11 probe response frame.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Core Security · textdosandroid

https://www.exploit-db.com/exploits/35913

View Code ZIP pw:eip

This exploit demonstrates a Denial of Service (DoS) vulnerability in Android's WiFi-Direct implementation by sending a malformed 802.11 Probe Response frame, causing an unhandled IllegalArgumentException in the WiFiMonitor class, leading to a system reboot.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Android (versions 4.1.2 to 4.4.4)

No auth needed

Prerequisites: Proximity to target device · WiFi-Direct enabled on target

MITRE ATT&CK