Google has just fixed a significant bug affecting the Nexus 5X devices. The bug allowed would-be attackers to extract key information from a device, whether or not it was locked. The flaw was first reported by the IBM X-Force security team, who said that this key vulnerability would allow attackers to get their hands on full memory dump through the Android Debut Bridge (ADB). ADB is a command-line PC tool that can be used for developers with USB-Connected Android devices.
According to IBM, the bug affects all older versions of the Nexus 5X android images and is really straightforward to exploit. Under one of the possible scenario, an attacker who didn’t have access to the targeted phone would need to infect a developer’s PC (ADB-authorized) with malware. Another possible situation involves plugging a headset into a malicious charger. This approach was found to be successful in devices that had ADB enabled. The target would also be required to authorize the malicious charger once it had been connected.
According to IBM, a fastboot mode left a USB interface exposed, thus creating a window of opportunity for attackers to issues commands that would crash the device bootloader. In some vulnerable bootloader versions, this crash exposes a connection that enables the hacker to obtain a full memory dump of the targeted device. IBM has also found out that due to the bootloader bug, potential hackers would be able to obtain a phone’s password from memory dump. This is disastrous in that it would create a pathway for further attackers.
But not to worry, users of the Nexus 5X are now able to download the update and seal this security loophole. As usual, they should get a system for the OTA (over the air) update immediately it’s available.