CVE-2017-13315
published 2024-11-19CVE-2017-13315: In writeToParcel and createFromParcel of DcParamObject.java, there is a permission bypass due to a write size mismatch. This could lead to an elevation of…
PriorityP179high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
0.10%
0.9th percentile
In writeToParcel and createFromParcel of DcParamObject.java, there is a permission bypass due to a write size mismatch. This could lead to an elevation of privileges where the user can start an activity with system privileges, with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability exists in DcParamObject.java — monitor for exploitation via writeToParcel/createFromParcel size mismatch in the telephony/data-connection Parcelable, which can allow an unprivileged user to start an Activity with system privileges ↗
- →Track Android Security Bulletin reference A-70721937 for patch diffing and detection rule development targeting affected AOSP versions 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 ↗
- ·No user interaction is required for exploitation, meaning this vulnerability can be triggered silently — detection must rely on behavioral/system-call monitoring rather than user-facing indicators ↗
- ·The privilege escalation allows starting an Activity with system privileges from an unprivileged context — no additional execution privileges are needed by the attacker, lowering the exploitation bar significantly ↗
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vulncheck7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-97h5-gfw2-p92x: In writeToParcel and createFromParcel of DcParamObject
ghsa_unreviewed·2024-11-19
CVE-2017-13315 [HIGH] CWE-131 GHSA-97h5-gfw2-p92x: In writeToParcel and createFromParcel of DcParamObject
In writeToParcel and createFromParcel of DcParamObject.java, there is a permission bypass due to a write size mismatch. This could lead to an elevation of privileges where the user can start an activity with system privileges, with no additional execution privileges needed. User interaction is not needed for exploitation.
VulnCheck
Google Android Incorrect Calculation of Buffer Size
vulncheck·2017·CVSS 7.8
CVE-2017-13315 [HIGH] Google Android Incorrect Calculation of Buffer Size
Google Android Incorrect Calculation of Buffer Size
In writeToParcel and createFromParcel of DcParamObject.java, there is a permission bypass due to a write size mismatch. This could lead to an elevation of privileges where the user can start an activity with system privileges, with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected: Google Android
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://news.drweb.com/show/?i=13108; https://news.drweb.com/show/review/?lng=en&i=13278
Android
CVE-2017-13315: Android Security Bulletin 2018-05-01
CVE: CVE-2017-13315
Severity: HIGH
Type: EoP
Affected AOSP versions: 6
vendor_android·2018-05-01·CVSS 7.8
CVE-2017-13315 [HIGH] CVE-2017-13315: Android Security Bulletin 2018-05-01
CVE: CVE-2017-13315
Severity: HIGH
Type: EoP
Affected AOSP versions: 6
Android Security Bulletin 2018-05-01
CVE: CVE-2017-13315
Severity: HIGH
Type: EoP
Affected AOSP versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1
References: A-70721937
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-11-19
Published
Exploited in the wild