CVE-2020-15165
📋 TL;DR
CVE-2020-15165 affects Chameleon Mini Live Debugger version 1.1.6-free as published on the Google Play Store. According to the project's advisory, that build may have been tampered with by a malicious actor, meaning its sources or requested permissions could have been modified before distribution. Because the tampering cannot be ruled out, every device that installed 1.1.6-free must be treated as potentially running compromised software: a tampered APK can execute attacker-supplied code and read or exfiltrate data within whatever permissions the app holds.
💻 Affected Systems
- Chameleon Mini Live Debugger
📦 What is this software?
Chameleon Mini Live Debugger (Chameleon Mini Live Debugger Project): an Android application for driving and debugging the ChameleonMini RFID/NFC emulator hardware, distributed through the Google Play Store under the package name com.maxieds.chameleonminilivedebugger.
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of device data, unauthorized access to NFC/RFID functionality, installation of additional malware, and credential theft.
Likely Case
Unauthorized access to data the app can reach (including whatever it exchanges with the ChameleonMini hardware), abuse of any permissions the tampered build was granted, and exposure of sensitive information stored or processed by the app.
If Mitigated
Limited impact if the app is confined to minimal permissions and the device has other security controls in place, but a possibly attacker-controlled binary on the device still represents elevated risk until it is removed.
🎯 Exploit Status
No exploit in the usual sense is required: installing the tampered build from the Google Play Store is the compromise, and no further technical steps are needed once it is running. Any device that installed 1.1.6-free should be assumed to have executed whatever the modified app contained.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: v1.1.8
Vendor Advisory: https://github.com/maxieds/ChameleonMiniLiveDebugger/security/advisories/GHSA-8q77-7hq8-f7g6
Restart Required: Yes
Instructions:
1. Open the Google Play Store.
2. Search for 'Chameleon Mini Live Debugger'.
3. If an update is available, tap 'Update'.
4. If already on v1.1.8, ensure no older versions are installed (for example on other user profiles or other devices).
5. Restart the device after the update.
6. Re-check the permissions granted to the app after updating, since the tampered build may have requested permissions the legitimate app does not need.
🔧 Temporary Workarounds
Uninstall vulnerable version
Android: remove the potentially compromised app from your device
Settings > Apps > Chameleon Mini Live Debugger > Uninstall
Disable app permissions
Android: restrict app permissions to minimize potential damage
Settings > Apps > Chameleon Mini Live Debugger > Permissions > Disable all
🧯 If You Can't Patch
- Immediately uninstall the app from all devices
- Monitor devices for unusual activity; if compromise is suspected, rotate any credentials used on the device and consider a factory reset
🔍 How to Verify
Check if Vulnerable:
Check app version in Settings > Apps > Chameleon Mini Live Debugger > App info. If version is 1.1.6-free, you are vulnerable.
Check Version:
There is no standalone version command for a mobile app; check via the device settings as described above, or query the installed package over adb from a workstation.
Verify Fix Applied:
Verify app version shows 1.1.8 or higher in Settings > Apps > Chameleon Mini Live Debugger > App info.
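For fleets of devices, the same check is quicker over adb than through the Settings UI. The script below is an added example, not code from the project or the advisory: it runs `adb shell dumpsys package com.maxieds.chameleonminilivedebugger` (package name taken from the Play Store URL on this page), extracts `versionName`, and classifies it against the versions the advisory names. The `SAMPLE_DUMPSYS` text is a constructed, trimmed imitation of real dumpsys output so the parsing can be exercised offline; the uid value in it is made up.

```python
import re
import subprocess
import sys

PACKAGE = "com.maxieds.chameleonminilivedebugger"
VULNERABLE_VERSION = "1.1.6-free"   # the possibly tampered build named in the advisory
FIXED_VERSION = "1.1.8"             # first version the advisory reports as fixed

# Constructed sample of `adb shell dumpsys package <pkg>` output, cut down to the
# lines this script reads. The userId is invented; versionName mirrors the bad build.
SAMPLE_DUMPSYS = """\
Packages:
  Package [com.maxieds.chameleonminilivedebugger] (3f2a1b7):
    userId=10234
    pkg=Package{3f2a1b7 com.maxieds.chameleonminilivedebugger}
    versionCode=18 minSdk=21 targetSdk=29
    versionName=1.1.6-free
"""


def parse_dumpsys(text):
    """Return (versionName, userId) from dumpsys output; (None, None) if the
    package is not installed and the fields are therefore absent."""
    version = re.search(r"^\s*versionName=(\S+)", text, re.M)
    uid = re.search(r"^\s*userId=(\d+)", text, re.M)
    return (version.group(1) if version else None,
            int(uid.group(1)) if uid else None)


def version_tuple(version_name):
    """'1.1.6-free' -> (1, 1, 6). Ordering is on the numeric prefix only; a
    suffix such as '-free' names a build flavour, not a newer release."""
    numeric = version_name.split("-", 1)[0]
    return tuple(int(p) for p in re.findall(r"\d+", numeric))


def assess(version_name):
    """Classify an installed versionName against the advisory's versions."""
    if version_name is None:
        return "not installed"
    if version_name == VULNERABLE_VERSION:
        return "vulnerable"
    parsed = version_tuple(version_name)
    if not parsed:
        return "unrecognized version string"
    if parsed >= version_tuple(FIXED_VERSION):
        return "fixed"
    # Any other pre-1.1.8 build: the advisory only vouches for 1.1.8 or higher.
    return "below fixed version; update"


def adb_dumpsys(serial=None):
    """Run dumpsys for the package on one device (or the only attached one)."""
    cmd = ["adb"] + (["-s", serial] if serial else [])
    cmd += ["shell", "dumpsys", "package", PACKAGE]
    return subprocess.run(cmd, capture_output=True, text=True, check=True).stdout


if __name__ == "__main__":
    # Usage: python check_cmld_version.py [device-serial]
    text = adb_dumpsys(sys.argv[1] if len(sys.argv) > 1 else None)
    version, uid = parse_dumpsys(text)
    print(f"{PACKAGE}: versionName={version} uid={uid} -> {assess(version)}")
```

A result of "vulnerable" on any device means that device should go straight to the uninstall and credential-rotation steps in the mitigation section; "below fixed version" is treated as needing an update because the advisory only describes 1.1.8 and later as safe.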
📡 Detection & Monitoring
Log Indicators:
- Logcat activity from the app's process that has nothing to do with driving the ChameleonMini hardware (background services, work scheduled while the app is not in use)
- Permission prompts or granted permissions that the legitimate app does not need (compare the permission list against a fresh install of 1.1.8 or later)
- Unexpected network connections originating from the app's uid
Network Indicators:
- Unexpected outbound connections from the app to unknown domains
SIEM Query:
Not typically applicable in an enterprise SIEM, since the indicators live on the handset rather than in central logs; where devices are enrolled in an MDM/EMM, query its installed-app inventory for the package name and versionName 1.1.6-free instead.
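The network indicator above can be checked on a handset by attributing socket entries to the app's uid. The following is an added example, not tooling from the project: it reads `/proc/net/tcp` over `adb shell`, decodes the kernel's hex-encoded addresses, and lists the remote endpoints owned by a given uid. The `SAMPLE_PROC_NET_TCP` text is constructed (uid 10234 stands in for the app, uid 10050 for an unrelated app, and the addresses use the 203.0.113.0/24 documentation range); the uid is obtained from `dumpsys package` on a real device. Only IPv4 entries are handled here; `/proc/net/tcp6` uses a different address encoding and is left out. On recent Android releases `/proc/net/tcp` may only be readable as root, in which case the read returns nothing and the check has to be run from a rooted shell.

```python
import re
import socket
import struct
import subprocess

PACKAGE = "com.maxieds.chameleonminilivedebugger"

# Kernel TCP state codes as they appear in the 'st' column of /proc/net/tcp.
TCP_STATES = {"01": "ESTABLISHED", "02": "SYN_SENT", "06": "TIME_WAIT",
              "08": "CLOSE_WAIT", "0A": "LISTEN"}

# Constructed sample of `adb shell cat /proc/net/tcp`. Row 0: the app (uid 10234)
# talking to 203.0.113.10:443. Row 1: another app (uid 10050) to port 80.
# Row 2: the app listening on port 8080 with no remote peer.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 1401A8C0:A112 0A7100CB:01BB 01 00000000:00000000 00:00000000 00000000 10234        0 48213 1 0000000000000000 20 4 30 10 -1
   1: 1401A8C0:9C41 0A7100CB:0050 01 00000000:00000000 00:00000000 00000000 10050        0 48310 1 0000000000000000 20 4 30 10 -1
   2: 00000000:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10234        0 48001 1 0000000000000000 100 0 0 10 0
"""


def decode_addr(hexaddr):
    """'1401A8C0:A112' -> ('192.168.1.20', 41234). The IPv4 part is a little-endian
    32-bit value; the port is big-endian hex."""
    ip_hex, port_hex = hexaddr.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def connections_for_uid(proc_net_tcp, uid):
    """All /proc/net/tcp rows owned by uid, with addresses and state decoded."""
    rows = []
    for line in proc_net_tcp.splitlines()[1:]:   # skip the header line
        fields = line.split()
        if len(fields) < 10 or int(fields[7]) != uid:
            continue
        local_ip, local_port = decode_addr(fields[1])
        remote_ip, remote_port = decode_addr(fields[2])
        rows.append({
            "local": f"{local_ip}:{local_port}",
            "remote": f"{remote_ip}:{remote_port}",
            "state": TCP_STATES.get(fields[3], fields[3]),
        })
    return rows


def remote_peers(proc_net_tcp, uid):
    """Distinct remote endpoints the uid is connected to; listeners and unbound
    sockets show a 0.0.0.0:0 peer and are dropped."""
    return sorted({r["remote"] for r in connections_for_uid(proc_net_tcp, uid)
                   if r["remote"] != "0.0.0.0:0"})


def app_uid(dumpsys_text):
    """Pull the app's Linux uid out of `dumpsys package` output."""
    match = re.search(r"^\s*userId=(\d+)", dumpsys_text, re.M)
    return int(match.group(1)) if match else None


def adb(*args):
    return subprocess.run(["adb", "shell", *args], capture_output=True,
                          text=True, check=True).stdout


if __name__ == "__main__":
    uid = app_uid(adb("dumpsys", "package", PACKAGE))
    if uid is None:
        raise SystemExit(f"{PACKAGE} is not installed")
    for row in connections_for_uid(adb("cat", "/proc/net/tcp"), uid):
        print(f"uid {uid}: {row['local']} -> {row['remote']} [{row['state']}]")
    print("remote peers:", remote_peers(adb("cat", "/proc/net/tcp"), uid))
```

The legitimate app's job is to talk to the ChameleonMini hardware, so any remote peer listed for its uid is worth explaining; capture the endpoints before uninstalling so they can be checked against egress logs for other devices that had 1.1.6-free installed.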
🔗 References
- https://github.com/maxieds/ChameleonMiniLiveDebugger/security/advisories/GHSA-8q77-7hq8-f7g6
- https://play.google.com/store/apps/details?id=com.maxieds.chameleonminilivedebugger&hl=en_US