Android Camera App Bug Lets Apps Record Video Without Permission | WHAT REALLY HAPPENED

Android Camera App Bug Lets Apps Record Video Without Permission

A new vulnerability has been found in the Camera apps for millions, if not hundreds of millions, of Android devices that could allow other apps to record video, take pictures, and extract GPS data from media without having the required permissions.

Android apps expose various intents, or functions such as the ability to take a picture, that can be executed by other apps on the device. In order to execute an exposed intent, another app has to have the needed permissions.

In a coordinated disclosure with Google and Samsung, researchers from Checkmarx disclosed today a new vulnerability that allows apps to take pictures, record videos, or get a device's location even if they do not have permissions to do so.

This vulnerability, known as CVE-2019-2234, is known to affect the Google Camera and Samsung Camera apps if they have not been updated since before July 2019.

Comments

SHARE THIS ARTICLE WITH YOUR SOCIAL MEDIA