{
	"id": "8e0e55e0-ec53-49e1-931d-fc05b2954643",
	"created_at": "2026-04-06T00:07:18.036731Z",
	"updated_at": "2026-04-10T03:20:29.149466Z",
	"deleted_at": null,
	"sha1_hash": "dc8c54a1914fe4daeba33944697e540f4f21f009",
	"title": "SPC-21 · Mobile Threat Catalogue",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 44916,
	"plain_text": "SPC-21 · Mobile Threat Catalogue\r\nArchived: 2026-04-05 21:54:57 UTC\r\nMobile Threat Catalogue\r\nLow-level Backdoor\r\nContribute\r\nThreat Category: Supply Chain\r\nID: SPC-21\r\nThreat Description: Low level backdoor inadvertently left by firmware developer.\r\nThreat Origin\r\nThis is what a root debug backdoor in a Linux kernel looks like 1\r\nChinese ARM vendor left developer backdoor in kernel for Android, other devices 2\r\nExploit Examples\r\nNot Applicable\r\nCVE Examples\r\nNot Applicable\r\nPossible Countermeasures\r\nEnterprises\r\nObtain devices from a reputable vendor with a strong record of addressing security flaws in a timely fashion.\r\nMobile Device User\r\nObtain devices from a reputable vendor with a strong record of addressing security flaws in a timely fashion.\r\nTo reduce the opportunity for an attacker to exploit a patched vulnerability, ensure security updates are applied in\r\na timely manner by configuring automated installation of or, at a minimum, automatic notification of the\r\navailability of security updates.\r\nTo reduce the opportunity for attacks against various firmware components, disable device features when not in\r\nuse (e.g., Bluetooth, Wi-Fi, NFC), and globally revoke access to unused device sensors or OS-provided functions\r\n(e.g., camera, microphone, location services).\r\nhttps://pages.nist.gov/mobile-threat-catalogue/supply-chain-threats/SPC-21.html\r\nPage 1 of 2\n\nEnterprise\r\nTo reduce the opportunity for an attacker to exploit a patched vulnerability, ensure security updates are applied in\r\na timely manner by configuring automated installation of or, at a minimum, automatic notification of the\r\navailability of security updates.\r\nReferences\r\n1. R. Chirgwin, “This is what a root debug backdoor in a Linux kernel looks like,” The Register, 9 May 2016;\r\nhttp://www.theregister.co.uk/2016/05/09/allwinners_allloser_custom_kernel_has_a_nasty_root_backdoor/ ↩\r\n2. S. Gallagher, “Chinese ARM vendor left developer backdoor in kernel for Android, other devices,” Ars\r\nTechnica, 11 May 2016; http://arstechnica.com/security/2016/05/chinese-arm-vendor-left-developer-backdoor-in-kernel-for-android-pi-devices/ ↩\r\nSource: https://pages.nist.gov/mobile-threat-catalogue/supply-chain-threats/SPC-21.html\r\nhttps://pages.nist.gov/mobile-threat-catalogue/supply-chain-threats/SPC-21.html\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://pages.nist.gov/mobile-threat-catalogue/supply-chain-threats/SPC-21.html"
	],
	"report_names": [
		"SPC-21.html"
	],
	"threat_actors": [],
	"ts_created_at": 1775434038,
	"ts_updated_at": 1775791229,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/dc8c54a1914fe4daeba33944697e540f4f21f009.pdf",
		"text": "https://archive.orkl.eu/dc8c54a1914fe4daeba33944697e540f4f21f009.txt",
		"img": "https://archive.orkl.eu/dc8c54a1914fe4daeba33944697e540f4f21f009.jpg"
	}
}