{
	"id": "c6f3906f-5b4a-4129-9ea9-6307e741d3fd",
	"created_at": "2026-04-06T00:18:30.939525Z",
	"updated_at": "2026-04-10T03:21:00.72736Z",
	"deleted_at": null,
	"sha1_hash": "5bfd7b963f99fb426f796eba1cd9be4105297ab1",
	"title": "APP-26 · Mobile Threat Catalogue",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 88212,
	"plain_text": "APP-26 · Mobile Threat Catalogue\r\nArchived: 2026-04-05 16:03:46 UTC\r\nMobile Threat Catalogue\r\nPrivilage Escalation via OS Vulnerability\r\nContribute\r\nThreat Category: Malicious or privacy-invasive application\r\nID: APP-26\r\nThreat Description: Malicious applications that achieve privilege escalation in the context of the mobile OS,\r\ndriver, peripheral firmware, or the kernel, may further achieve unauthorized access or modification of app, user, or\r\nsystem data, process memory, or execute other unauthorized actions on the device.\r\nThreat Origin\r\nDissecting Android Malware: Characterization and Evolution 1\r\nExploit Examples\r\nCVE Examples\r\nCVE-2017-2398\r\nCVE-2017-2401\r\nCVE-2017-2440\r\nCVE-2017-2451\r\nCVE-2017-2456\r\nCVE-2017-2472\r\nCVE-2017-2473\r\nCVE-2017-2474\r\nCVE-2017-2478\r\nCVE-2017-2482\r\nCVE-2017-2483\r\nCVE-2017-2490\r\nCVE-2017-0593\r\nCVE-2017-0598\r\nCVE-2017-0601\r\nCVE-2016-7056\r\nCVE-2016-10274\r\nCVE-2016-10275\r\nhttps://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-26.html\r\nPage 1 of 5\n\nCVE-2016-10276\r\nCVE-2016-9794\r\nCVE-2017-0331\r\nCVE-2017-0604\r\nCVE-2017-0605\r\nCVE-2016-10280\r\nCVE-2016-10281\r\nCVE-2016-10282\r\nCVE-2016-10283\r\nCVE-2016-10284\r\nCVE-2016-10285\r\nCVE-2016-10286\r\nCVE-2015-9004\r\nCVE-2016-10287\r\nCVE-2017-0606\r\nCVE-2016-5860\r\nCVE-2016-5867\r\nCVE-2017-0607\r\nCVE-2017-0608\r\nCVE-2017-0609\r\nCVE-2016-5859\r\nCVE-2017-0610\r\nCVE-2017-0611\r\nCVE-2016-5853\r\nCVE-2016-10288\r\nCVE-2016-10289\r\nCVE-2016-10290\r\nCVE-2017-0465\r\nCVE-2017-0612\r\nCVE-2017-0613\r\nCVE-2017-0614\r\nCVE-2017-0616\r\nCVE-2017-0618\r\nCVE-2017-0619\r\nCVE-2017-0620\r\nCVE-2016-5862\r\nCVE-2017-0621\r\nCVE-2016-5868\r\nCVE-2017-0622\r\nCVE-2017-0623\r\nCVE-2017-0624\r\nCVE-2017-0625\r\nhttps://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-26.html\r\nPage 2 of 5\n\nCVE-2017-0626\r\nCVE-2017-0627\r\nCVE-2016-10293\r\nCVE-2016-10294\r\nCVE-2016-10295\r\nCVE-2016-10296\r\nCVE-2017-0628\r\nCVE-2017-0629\r\nCVE-2017-0630\r\nCVE-2016-5858\r\nCVE-2017-0631\r\nCVE-2016-5347\r\nCVE-2016-5854\r\nCVE-2016-5855\r\nCVE-2017-0632\r\nCVE-2017-0633\r\nCVE-2017-0634\r\nCVE-2017-2522\r\nCVE-2017-2523\r\nCVE-2017-2497\r\nCVE-2017-6981\r\nCVE-2017-6979\r\nCVE-2017-2051\r\nCVE-2017-2507\r\nCVE-2017-6987\r\nCVE-2017-7004\r\nCVE-2017-2513\r\nCVE-2017-2518\r\nCVE-2017-2520\r\nCVE-2017-2519\r\nCVE-2017-6983\r\nCVE-2017-6991\r\nCVE-2017-7000\r\nCVE-2017-7001\r\nCVE-2017-7002\r\nCVE-2017-2524\r\nCVE-2017-2496\r\nCVE-2017-2505\r\nCVE-2017-2506\r\nCVE-2017-2514\r\nCVE-2017-2515\r\nCVE-2017-2521\r\nhttps://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-26.html\r\nPage 3 of 5\n\nCVE-2017-2525\r\nCVE-2017-2526\r\nCVE-2017-2530\r\nCVE-2017-2531\r\nCVE-2017-2538\r\nCVE-2017-2539\r\nCVE-2017-2544\r\nCVE-2017-2547\r\nCVE-2017-6980\r\nCVE-2017-6984\r\nCVE-2017-2504\r\nCVE-2017-2508\r\nCVE-2017-2510\r\nCVE-2017-2528\r\nCVE-2017-2536\r\nCVE-2017-2549\r\nCVE-2017-2499\r\nCVE-2016-7056\r\nCVE-2017-0603\r\nCVE-2016-10294\r\nCVE-2017-0615\r\nCVE-2017-0617\r\nPossible Countermeasures\r\nEnterprise\r\nDeploy MAM or MDM solutions with policies that prohibit the side-loading of apps, which may bypass security\r\nchecks on the app.\r\nDeploy MAM or MDM solutions with policies that prohibit the installation of apps from 3rd party (unofficial) app\r\nstores.\r\nUse application threat intelligence data to identify apps that exploit the OS to achieve privilege escalation.\r\nUse app-vetting tools or services to identify apps that exploit the OS to achieve privilege escalation.\r\nTo limit the opportunity for malicious apps to exploit known vulnerabilities, ensure timely installation of security\r\nupdates.\r\nMobile Device User\r\nUse the Android Verify Apps feature to identify potentially harmful apps.\r\nTo limit the opportunity for malicious apps to exploit known vulnerabilities, ensure timely installation of security\r\nupdates.\r\nhttps://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-26.html\r\nPage 4 of 5\n\nReferences\r\nSource: https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-26.html\r\nhttps://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-26.html\r\nPage 5 of 5",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-26.html"
	],
	"report_names": [
		"APP-26.html"
	],
	"threat_actors": [],
	"ts_created_at": 1775434710,
	"ts_updated_at": 1775791260,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/5bfd7b963f99fb426f796eba1cd9be4105297ab1.pdf",
		"text": "https://archive.orkl.eu/5bfd7b963f99fb426f796eba1cd9be4105297ab1.txt",
		"img": "https://archive.orkl.eu/5bfd7b963f99fb426f796eba1cd9be4105297ab1.jpg"
	}
}