My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets




StageFright is a vulnerability in Android OS that can be exploited by cybercriminals to execute a custom code on the infected device. All versions of Android operating systems starting with 2.2 till 5.1.1 are subject to this vulnerability. It should be noted that Android 4.1 possesses the ASLR mechanism (Address Space Layout Randomization), which makes creation of a working exploit for this vulnerability more difficult.

To be able to use StageFright, cybercriminals need to plant a specially generated MP4 file on the compromised devise by any possible means, for example, by sending an MMS message to the victim. At that, no user interference is required.

If Dr.Web for Android has detected this vulnerability, it is strongly recommended to contact the device manufacturer to get necessary updates for the operating system.

Technical details

The vulnerability exists in the “Stagefright” component of the Android OS kernel. This component is a library which is developed under the auspices of the Android Open Source Project (AOSP) and is used to play MP4 files. If a specially generated MP4 file is planted on the device, then, due to an error in the handler operation, the malicious code will be executed even if a file manager just opens the folder containing this file (for example, to create a shortcut). The launched code will be executed with system privileges. As a result, cybercriminals can get access to confidential data stored on the compromised device or, for example, record a video using the inbuilt camera.

See also information about other vulnerabilities

© Doctor Web
2003 — 2022

Doctor Web is a cybersecurity company focused on threat detection, prevention and response technologies