Login Sign Up

CVE-2014-9953

9.8 CRITICAL

📋 TL;DR

This vulnerability allows local attackers to gain elevated privileges on Android devices through a flaw in Qualcomm's closed-source kernel components. It affects Android devices with vulnerable Qualcomm chipsets, potentially impacting millions of smartphones and tablets.

💻 Affected Systems

Products:
  • Android devices with Qualcomm chipsets
Versions: Android kernel versions before June 2017 security patch
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Affects closed-source Qualcomm components, so exact device list depends on chipset and OEM implementation.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device compromise allowing attackers to gain root access, install persistent malware, access all user data, and bypass all security controls.

🟠

Likely Case

Local privilege escalation allowing malicious apps to gain elevated permissions and access sensitive data or system functions they shouldn't have access to.

🟢

If Mitigated

Limited impact if devices are patched, have SELinux properly configured, and run with minimal privileges.

🌐 Internet-Facing: LOW (requires local access to device)
🏢 Internal Only: HIGH (malicious apps or users with physical access can exploit)

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access or malicious app installation. Exploit details were publicly disclosed in security bulletins.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: June 2017 Android Security Patch Level or later

Vendor Advisory: https://source.android.com/security/bulletin/2017-06-01

Restart Required: Yes

Instructions:

1. Check for Android system updates in Settings > System > System update. 2. Install June 2017 or later security patch. 3. Reboot device. 4. Verify patch level in Settings > About phone > Android security patch level.

🔧 Temporary Workarounds

Disable unknown sources

android

Prevent installation of malicious apps that could exploit this vulnerability

Settings > Security > Unknown sources (toggle OFF)

Enable Google Play Protect

android

Use built-in malware scanning to detect potentially malicious apps

Settings > Google > Security > Google Play Protect (ensure enabled)

🧯 If You Can't Patch

  • Isolate vulnerable devices from sensitive networks and data
  • Implement application whitelisting to prevent unauthorized app installation

🔍 How to Verify

Check if Vulnerable:

Check Android security patch level in Settings > About phone > Android security patch level. If before June 2017, device is vulnerable.

Check Version:

Settings > About phone > Android security patch level

Verify Fix Applied:

Verify Android security patch level shows June 2017 or later date.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected privilege escalation events
  • SELinux denials for kernel operations
  • Unusual root access attempts

Network Indicators:

  • Unusual outbound connections from system processes
  • Suspicious app behavior post-exploitation

SIEM Query:

source="android_logs" AND (event_type="privilege_escalation" OR process="su" OR selinux="denied")

📊 Metadata

CVE ID: CVE-2014-9953
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-264
Published: April 4, 2018
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2014-9953, you might also want to check these:

CVE-2018-7505 9.8

This vulnerability allows unauthenticated attackers to upload arbitrary files via TFTP to Advantech ...

Same vulnerability type (CWE-264)
CVE-2014-9955 9.8

CVE-2014-9955 is a critical elevation of privilege vulnerability in Qualcomm's closed-source compone...

Same vulnerability type (CWE-264)
CVE-2014-9957 9.8

This CVE describes an elevation of privilege vulnerability in Qualcomm closed-source components affe...

Same vulnerability type (CWE-264)