Director's cut with a soundtrack: • [SOUNDTRACK] Exploitat... .
This video demonstrates the exploitation of a vulnerability in the custom Samsung Qmage image codec via MMS. The exploit proof-of-concept achieves remote code execution with no user interaction on a Samsung Galaxy Note 10+ phone running Android 10 (February 2020 patch level).
Vulnerabilities in the Qmage format were reported by the Google Project Zero team to Samsung in January 2020, and were addressed in the Samsung May 2020 Security Bulletin as SVE-2020-16747. The bugs were also collectively assigned CVE-2020-8899.
For more details, see:
* github.com/googleprojectzero/... - source code of the exploit.
* github.com/googleprojectzero/... - source code of the fuzzing harness used to identify the crashes.
* googleprojectzero.blogspot.co... - first of the MMS exploitation blog post series on the Project Zero blog.
* bugs.chromium.org/p/project-z... - the original in-depth report discussing the codec and security issues. It also includes an FAQ section outlining how the exploit works.
* security.samsungmobile.com/se... - Samsung Security Updates website.