CVE-2014-8610

Google Android < 4.4.4 - Access Control

Title source: rule

Description

AndroidManifest.xml in Android before 5.0.0 does not require the SEND_SMS permission for the SmsReceiver receiver, which allows attackers to send stored SMS messages, and consequently transmit arbitrary new draft SMS messages or trigger additional per-message charges from a network operator for old messages, via a crafted application that broadcasts an intent with the com.android.mms.transaction.MESSAGE_SENT action, aka Bug 17671795.

Exploits (1)

nomisec WORKING POC

by eddieoz · poc

https://github.com/eddieoz/dual-ec-drbg

View Code ZIP pw:eip

References (6)

[Exploit] https://github.com/joswr1ght/drozer-modules/blob/master/whfs/smsdraftsend.py

[Exploit] http://xteam.baidu.com/?p=164

[Mailing List] http://seclists.org/fulldisclosure/2014/Nov/85

[Exploit] http://seclists.org/fulldisclosure/2014/Dec/8

[Exploit] http://packetstormsecurity.com/files/129282/Android-SMS-Resend.html

[Vendor Advisory] https://android.googlesource.com/platform/packages/apps/Mms/+/008d6202fca4002a7dfe333f22377faa73585c67

Scores

EPSS 0.0006

EPSS Percentile 18.8%

Details

CWE

CWE-264

Status published

Products (43)

google/android 1.0

google/android 1.1

google/android 1.5

google/android 1.6

google/android 2.0

google/android 2.0.1

google/android 2.1

google/android 2.2 (2 CPE variants)

google/android 2.2.1

google/android 2.2.2

... and 33 more

Published Dec 15, 2014

Tracked Since Feb 18, 2026