{
	"id": "2747f0a6-b756-4682-82d6-193a9ae13b91",
	"created_at": "2026-04-06T01:31:43.239136Z",
	"updated_at": "2026-04-10T13:11:41.154837Z",
	"deleted_at": null,
	"sha1_hash": "dae20be1958406560b19bf86a55755aa432701dd",
	"title": "APP-22 · Mobile Threat Catalogue",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 46263,
	"plain_text": "APP-22 · Mobile Threat Catalogue\r\nArchived: 2026-04-06 00:18:12 UTC\r\nMobile Threat Catalogue\r\nAvoiding Uninstallation via Permissions Abuse\r\nContribute\r\nThreat Category: Malicious or privacy-invasive application\r\nID: APP-22\r\nThreat Description: The Device Administrator permission in Android is designed to allow enterprises to develop\r\napps that can manage settings on users devices to enforce compliance with the enterprise mobile device security\r\npolicy. Prior to Android 6.0, the Device Administrator role could enforce a policy that disabled uninstallation of an\r\napp. Malicious applications could abuse this behavior to gain persistence on the device. Since Android 6.0, users\r\ncan always unregister a given app as a Device Administrator, which disables all associated policies and would\r\nrestore the ability to uninstall the malicious app.\r\nThreat Origin\r\nAndroid Security 2015 Year In Review 1\r\nExploit Examples\r\nNot Applicable\r\nCVE Examples\r\nCVE-2017-0594\r\nCVE-2017-0595\r\nCVE-2017-0596\r\nPossible Countermeasures\r\nEnterprise\r\nEnsure Android devices are running a recent version of the operating system. As described at 44:20 in the Google\r\nI/O 2016 “What’s new in Android security” (https://www.youtube.com/watch?v=XZzLjllizYs), enhancements\r\nwere made in Android M or N to ensure that all device admin apps can be uninstalled.\r\nMobile Device User\r\nhttps://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-22.html\r\nPage 1 of 2\n\nEnsure Android devices are running a recent version of the operating system. As described at 44:20 in the Google\r\nI/O 2016 “What’s new in Android security” (https://www.youtube.com/watch?v=XZzLjllizYs), enhancements\r\nwere made in Android M or N to ensure that all device admin apps can be uninstalled.\r\nReferences\r\n1. Android Security 2015 Year In Review, Google, 2016;\r\nhttps://source.android.com/security/reports/Google_Android_Security_2015_Report_Final.pdf [accessed\r\n8/25/2016] ↩\r\nSource: https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-22.html\r\nhttps://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-22.html\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-22.html"
	],
	"report_names": [
		"APP-22.html"
	],
	"threat_actors": [],
	"ts_created_at": 1775439103,
	"ts_updated_at": 1775826701,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/dae20be1958406560b19bf86a55755aa432701dd.pdf",
		"text": "https://archive.orkl.eu/dae20be1958406560b19bf86a55755aa432701dd.txt",
		"img": "https://archive.orkl.eu/dae20be1958406560b19bf86a55755aa432701dd.jpg"
	}
}