CVE-2015-6606
Android < 5.1 - Privilege Escalation via Secure Element Evaluation Kit Plugin
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2015-6606. PoCs published by michaelroland.
AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2015-6606, a code injection vulnerability in the SEEK smartcard service (versions 3.1.0 and below). The exploit demonstrates arbitrary code execution in the context of the smartcard system service, leveraging elevated permissions.
Description
The Secure Element Evaluation Kit (aka SEEK or SmartCard API) plugin in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 22301786.
Exploits (1)
This repository contains a proof-of-concept exploit for CVE-2015-6606, a code injection vulnerability in the SEEK smartcard service (versions 3.1.0 and below). The exploit demonstrates arbitrary code execution in the context of the smartcard system service, leveraging elevated permissions.