CVE-2017-0505

HIGH

Android < 7.1.1 - Privilege Escalation in MediaTek Components

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-0505. PoCs published by R0rt1z2.

AI-analyzed exploit summary This repository contains a functional exploit PoC for CVE-2017-0505, targeting a vulnerability in MediaTek's M4U driver. The exploit uses an ioctl call with a crafted payload to trigger the vulnerability, likely leading to local privilege escalation (LPE).

Description

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31822282. References: M-ALPS02992041.

Exploits (1)

nomisec WORKING POC 6 stars

by R0rt1z2 · poc

https://github.com/R0rt1z2/CVE-2017-0505-mtk

View Code ZIP pw:eip

This repository contains a functional exploit PoC for CVE-2017-0505, targeting a vulnerability in MediaTek's M4U driver. The exploit uses an ioctl call with a crafted payload to trigger the vulnerability, likely leading to local privilege escalation (LPE).

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: MediaTek M4U driver (Android kernel module)

No auth needed

Prerequisites: Android device with MediaTek chipset · Access to the device (local or via ADB)

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (4)

Core 4

Core References

Vendor Advisory x_refsource_confirm

https://source.android.com/security/bulletin/2017-03-01

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1037968

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/96726

Patch, Vendor Advisory

https://source.android.com/security/bulletin/2017-03-01.html

Scores

CVSS v3 7.8

EPSS 0.0143

EPSS Percentile 69.6%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Status published

Products (2)

google/android < 7.1.1

Google Inc./Android

Published Mar 08, 2017

Tracked Since Feb 18, 2026