Members of Android team of Google identified that some of Honeywell’s Android based hand-held computers are influenced by a high severeness benefit advances flaw. The company has announced software news that should describe the vulnerability.

Honeywell’s hand-held computers are promoted as devices that incorporate the advantages supplied by customer PDAs with industrial mobile computers’ high end. Such rugged devices function Android or operating systems of Windows and they offer a wide extent of helpful utilities and connectivity attributes, containing Wi-Fi, Bluetooth and characteristic with Cisco products. The devices are employed globally in the commercial means, energy, crucial manufacturing, and healthcare sectors.

The flaw according to ICS-CERT, identified by Google employees impacts seventeen hand-held computers from Honeywell, containing CT60, CN80, CT40, CK75, CN75, CT50, D75e, CN51, and EDA series devices functioning different versions of Android, from 4.4 through 8.1. If a hostile application creates its way onto an impacted device, it can permit its producers to advance benefits on the system and acquire unapproved access to defensive particulars, containing key-strokes, business-critical documents, emails, passwords, and photos.

“A skilled attacker with advanced knowledge of the target system could exploit this vulnerability by creating an application that would successfully bind to the service and gain elevated system privileges,” ICS-CERT said in its advisory.

The vulnerability is trailed as CVE-2018-14825 and it has been designated a CVSS score of 7.6, which generates it high intensity. The domestic CERTs of different nationals have produced consumptives to notify companies about the bug. Whereas the security flaw has been identified by Android team of Google, Honeywell stated that the problem is particular to its products and it never effects Android in standard.

“Honeywell has identified a potential vulnerability on select versions of our rugged mobile computers and issued a software patch to update these devices.” Eric Krantz, a Honeywell spokesperson, said via email.

ICS-CERT offers a absolute list of influenced devices and Android versions, along with the software reveals comprising a fix. Besides to employing the patches, Honeywell has suggests users to white-list authentic applications in an attempt to bound the threat of harmful apps advancing devices.

Related articles

Apple Warns of Fault Impacting Third-party Keyboard Apps
Vulnerability Alerts

Apple Warns of Fault Impacting Third-party Keyboard Apps

By CertX
New Spectre-like Attacks affect Intel CPUs
Vulnerability Alerts

New Spectre-like Attacks affect Intel CPUs

By CertX
Critical flaw in Jenkins Server could lead to information divulgence
Vulnerability Alerts

Critical flaw in Jenkins Server could lead to information divulgence

By CertX
Vulnerability Alerts

VLC and Other Software Affected By Bug in Media Library

By CertX
Risk of Attacks Rises Due to Flaws in Component of SAP Application
Vulnerability Alerts

Risk of Attacks Rises Due to Flaws in Component of SAP Application

By CertX

Leave a Reply

Your email address will not be published. Required fields are marked *