cbcvebase.
CVE-2017-13315
published 2024-11-19

Priority: P179, high, 7.8 (CVSS 3.1)
Vector: AV:L / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H
ITW: VulnCheck KEV
Exploited in the wild
EPSS: 0.10% (0.9th percentile)

In writeToParcel and createFromParcel of DcParamObject.java, there is a permission bypass due to a write size mismatch. This could lead to an elevation of privileges where the user can start an activity with system privileges, with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected

13 ranges
Vendor | Product | Version range | Fixed in
google | android
google | android
google | android
google | android
google | android
google | android
google | android
google | android
google | android
google | android
google | android
google | android
google | android

Detection & IOCs (extracted from sources)

  • Vulnerability exists in DcParamObject.java — monitor for exploitation via writeToParcel/createFromParcel size mismatch in the telephony/data-connection Parcelable, which can allow an unprivileged user to start an Activity with system privileges
  • Track Android Security Bulletin reference A-70721937 for patch diffing and detection rule development targeting affected AOSP versions 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1
  • No user interaction is required for exploitation, meaning this vulnerability can be triggered silently — detection must rely on behavioral/system-call monitoring rather than user-facing indicators
  • The privilege escalation allows starting an Activity with system privileges from an unprivileged context — no additional execution privileges are needed by the attacker, lowering the exploitation bar significantly

CVSS provenance

nvd | v3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vulncheck | 7.8 | HIGH