Exploitation Summary
EIP tracks 1 public exploit for CVE-2017-0807. PoCs published by kpatsakis.
AI-analyzed exploit summary This repository contains a functional proof-of-concept for CVE-2017-0807, demonstrating how an unprivileged Android app can overlay system interfaces to trick users into granting device admin privileges. The exploit leverages UI overlay techniques without requiring dangerous permissions like SYSTEM ALERT WINDOW.
Description
An elevation of privilege vulnerability in the Android framework (ui framework). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35056974.
Exploits (1)
This repository contains a functional proof-of-concept for CVE-2017-0807, demonstrating how an unprivileged Android app can overlay system interfaces to trick users into granting device admin privileges. The exploit leverages UI overlay techniques without requiring dangerous permissions like SYSTEM ALERT WINDOW.
References (4)
Scores
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H