Page 52 - index
P. 52
Are your Android devices vulnerable?
To determine if there was a trend in which devices have been patched or not, we analyzed the data
collected by our app, Trustable by Bluebox. Trustable by Bluebox scans Android devices for mobile
vulnerabilities and insecurities, including CVE-2014-7911. The app provides users with a Trust
Score – a measure of security of the device – as well as which vulnerabilities their device is
susceptible to and guidance on how to improve their overall security posture.
Our analysis found that about 20 percent of the manufacturers seen have issued a patch for CVE-
2014-7911 to at least one of their devices running an Android OS before 5.0. This includes top
manufactures like Samsung, HTC, Sony, LG, and Motorola. Some notable devices that we
observed that are still running an OS before 5.0, but that are patched against CVE-2014-7911 are
Blackphone and OnePlus One. Take a look at the screenshots below to see how Trustable by
Bluebox identifies the ObjectInputStream Serialization vulnerability.
Not vulnerable:
Vulnerable:
52 Cyber Warnings E-Magazine – February 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
