CVE: CVE-2016-2496

Export to Word

The Framework UI permission-dialog implementation in Android 6.x before 2016-06-01 allows attackers to conduct tapjacking attacks and access arbitrary private-storage files by creating a partially overlapping window, aka internal bug 26677796.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.00314
Percentile: 0.53976

CVSS Scoring

CVSS v3.1 Score: 9.8

Severity: CRITICAL

Mapped CWE(s)

CWE-1021 : Improper Restriction of Rendered UI Layers or Frames

All CAPEC(s)

CAPEC-103: Clickjacking
CAPEC-181: Flash File Overlay
CAPEC-222: iFrame Overlay
CAPEC-504: Task Impersonation
CAPEC-506: Tapjacking
CAPEC-587: Cross Frame Scripting (XFS)
CAPEC-654: Credential Prompt Impersonation

CAPEC(s) with Mapped TTPs

CAPEC-504: Task Impersonation
Mapped TTPs:
- T1036.004 : Masquerade Task or Service
CAPEC-654: Credential Prompt Impersonation
Mapped TTPs:
- T1056 : Input Capture
- T1548.004 : Elevated Execution with Prompt

Mapped ATT&CK TTPs

T1036.004 : Masquerade Task or Service
Kill Chain: defense-evasion
T1056 : Input Capture
Kill Chain: collection
T1548.004 : Elevated Execution with Prompt
Kill Chain: privilege-escalation

Malware

APTs Threat Group Associations

Campaigns

APT41 DUST
SolarWinds Compromise
RedDelta Modified PlugX Infection Chain Operations
Versa Director Zero Day Exploitation
Frankenstein
Leviathan Australian Intrusions
C0017
2022 Ukraine Electric Power Attack
KV Botnet Activity

Affected Products

cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*

← Back to Home