Login Sign Up

CVE-2017-13323

7.8 HIGH

📋 TL;DR

CVE-2017-13323 is an integer overflow vulnerability in Android's String16.cpp that allows unprivileged processes to write out of bounds memory. This can lead to local privilege escalation without user interaction. Affects Android devices running vulnerable versions.

💻 Affected Systems

Products:
  • Android
Versions: Android 8.0 (Oreo) and earlier versions
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Pixel and Nexus devices specifically mentioned in bulletin, but affects all Android devices running vulnerable versions.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local attacker gains root/system privileges on the device, potentially compromising all user data and system integrity.

🟠

Likely Case

Malicious app escapes sandbox to access other apps' data or system resources.

🟢

If Mitigated

With proper app sandboxing and SELinux policies, impact limited to app's own data.

🌐 Internet-Facing: LOW - This is a local privilege escalation requiring code execution on device.
🏢 Internal Only: HIGH - Any malicious app on the device could exploit this without user interaction.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local code execution but no user interaction. Proof-of-concept code exists in security research community.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android security patch level 2018-05-01 or later

Vendor Advisory: https://source.android.com/docs/security/bulletin/pixel/2018-05-01

Restart Required: Yes

Instructions:

1. Check for system updates in Settings > System > Advanced > System update. 2. Install available security update. 3. Reboot device after installation.

🔧 Temporary Workarounds

Disable unknown sources

android

Prevent installation of untrusted apps that could exploit this vulnerability

Settings > Security > Unknown sources (toggle OFF)

🧯 If You Can't Patch

  • Restrict app installations to Google Play Store only
  • Use mobile device management (MDM) to enforce security policies and monitor for suspicious app behavior

🔍 How to Verify

Check if Vulnerable:

Check Settings > About phone > Android security patch level. If date is before 2018-05-01, device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify Android security patch level shows 2018-05-01 or later date.

📡 Detection & Monitoring

Log Indicators:

  • Unusual privilege escalation attempts in system logs
  • SELinux denials for unexpected process transitions

Network Indicators:

  • Not applicable - local exploit

SIEM Query:

Not applicable for typical Android deployments

📊 Metadata

CVE ID: CVE-2017-13323
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-190
Published: November 27, 2024
Last Updated: December 18, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2017-13323, you might also want to check these:

CVE-2025-64721 10.0

This vulnerability in Sandboxie allows sandboxed processes to exploit an integer overflow in the Sbi...

Same vulnerability type (CWE-190)
CVE-2025-52581 9.8

An integer overflow vulnerability in libbiosig's GDF file parsing allows arbitrary code execution wh...

Same vulnerability type (CWE-190)
CVE-2025-53518 9.8

An integer overflow vulnerability in libbiosig's ABF file parser allows arbitrary code execution whe...

Same vulnerability type (CWE-190)