Remote, One-Click, Breaking through Smartphones via a Non Well-Known Remote Attack Surface
Автор: Black Hat
Загружено: 2025-02-27
Просмотров: 4246
Instant messaging application (such as iMessage and WhatsApp) is an important remote attack surface for smartphones, often used by spyware as the first step in APT attacks, and has received great attention in the past.
Carrier Based video calling, as a native video calling feature of mobile phones, is also a major remote attack surface for smartphones.
We have discovered fatal 0-day vulnerabilities in some native Carrier Based video calling of mobile phones, which have been present for at least 7 years. As long as the target accepts our video call invitation, we can exploit these vulnerabilities to remotely obtain code execution permissions for the target phone's system.
In this session, we will introduce this remote attack surface we have discovered and provide a few examples to illustrate the potential issues and impacts that may arise within this attack surface.
By:
Qinrun Dai | PhD Student, University of Colorado Boulder
Fan Yang | Security Researcher, Singular Security Lab
Haikuo Xie | Security Researcher, Singular Security Lab
Full Abstract and Presentation Materials Available:
https://www.blackhat.com/us-24/briefi...
Доступные форматы для скачивания:
Скачать видео mp4
-
Информация по загрузке:
