CVE-2016-8467

MEDIUM

Android < 7.1.0 - Elevation of Privilege via Bootloader Modem Command Execution

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-8467. PoCs published by roeeh.

AI-analyzed exploit summary: This repository contains an Android application that checks if a Nexus 6/6P device is vulnerable to CVE-2016-8467 by verifying the bootmode property and security patch level. It does not exploit the vulnerability but detects potential tampering or unpatched status.

Description

An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent denial of service (device interoperability: completely permanent or requiring re-flashing the entire operating system). Product: Android. Versions: N/A. Android ID: A-30308784.

Exploits (1)

nomisec SCANNER 7 stars
by roeeh · poc
https://github.com/roeeh/bootmodechecker

Classification: Scanner 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Android (Nexus 6/6P)
No auth needed
Prerequisites: Physical or local access to the device · Device must be Nexus 6 or 6P
devstral-2 · analyzed Feb 18, 2026

References (3)

Core References
Patch, Vendor Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2017-01-01.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/95250

Scores

CVSS v3: 5.5
EPSS: 0.0036
EPSS Percentile: 27.6%
Attack Vector: LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE: CWE-264
Status: published
Products (2):
google/android < 7.1.0
Google Inc./Android
Published: Jan 13, 2017
Tracked Since: Feb 18, 2026