CVE-2020-7745

7.1 HIGH

📋 TL;DR

CVE-2020-7745 is a backdoor vulnerability in MintegralAdSDK that allows Mintegral and their advertising partners to remotely execute arbitrary code on user devices. This affects all applications that integrate the vulnerable SDK version, potentially compromising millions of mobile devices.

💻 Affected Systems

Products:
  • MintegralAdSDK
Versions: All versions before 6.6.0.0
Operating Systems: iOS, Android
Default Config Vulnerable: ⚠️ Yes
Notes: Affects any mobile app that integrates the vulnerable SDK version. The malicious functionality is built into the SDK itself.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete device compromise allowing attackers to steal sensitive data, install additional malware, or join devices to botnets.

🟠 Likely Case

Advertisers executing unauthorized code to collect user data, display malicious ads, or perform click fraud.

🟢 If Mitigated

Limited data collection or ad fraud if network controls block malicious domains.

🌐 Internet-Facing: HIGH - The SDK communicates with external ad servers that can deliver malicious payloads.
🏢 Internal Only: LOW - This is primarily an external threat from ad networks.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The backdoor functionality is intentionally built into the SDK. Attackers can trigger it through normal ad network communications.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.6.0.0 and later

Vendor Advisory: https://www.mintegral.com/en/

Restart Required: Yes

Instructions:

1. Update MintegralAdSDK to version 6.6.0.0 or later.
2. Rebuild and redeploy affected mobile applications.
3. Test application functionality after update.

🔧 Temporary Workarounds

Network Blocking (platform: all)

Block communication with Mintegral ad servers at the network level.

SDK Removal (platform: all)

Remove MintegralAdSDK from applications and replace it with an alternative ad SDK.

🧯 If You Can't Patch

  • Isolate affected devices on segmented network with restricted internet access
  • Implement application allowlisting to prevent execution of unauthorized code

🔍 How to Verify

Check if Vulnerable:

Check application dependencies for MintegralAdSDK version below 6.6.0.0. For iOS: check Podfile.lock. For Android: check build.gradle dependencies.

Check Version:

iOS: grep -r 'MintegralAdSDK' Podfile.lock
Android: grep -r 'com.mintegral' build.gradle

Verify Fix Applied:

Confirm MintegralAdSDK version is 6.6.0.0 or higher in application dependencies and monitor for suspicious network traffic to Mintegral domains.
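
An added example (not from the vendor or the original advisory): a POSIX shell check that goes one step past the grep above by extracting the resolved MintegralAdSDK version from a CocoaPods Podfile.lock and comparing it numerically against 6.6.0.0. It covers the iOS lockfile only; the script name, the sample lockfile content and its subspec names are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag MintegralAdSDK pins below 6.6.0.0 in Podfile.lock files.
FIXED="6.6.0.0"   # first fixed version, per the advisory text

# version_lt A B: exit 0 when dotted version A < B (numeric, field by field;
# missing fields count as 0, so 6.6 is treated as equal to 6.6.0.0).
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            p = (i <= n) ? x[i] + 0 : 0; q = (i <= m) ? y[i] + 0 : 0
            if (p < q) exit 0
            if (p > q) exit 1
        }
        exit 1
    }'
}

# pod_version: read a Podfile.lock on stdin, print the resolved version of the
# root pod or a subspec (two-space indent); "(= x.y)" constraints are ignored.
pod_version() {
    sed -n 's|^  - MintegralAdSDK\(/[^ ]*\)\{0,1\} (\([0-9][0-9.]*\)).*$|\2|p' | head -n 1
}

# check_lockfile FILE: print a verdict; return 1 only for a vulnerable pin.
check_lockfile() {
    v=$(pod_version < "$1")
    if [ -z "$v" ]; then
        echo "$1: MintegralAdSDK not found"
    elif version_lt "$v" "$FIXED"; then
        echo "$1: VULNERABLE, MintegralAdSDK $v is below $FIXED"
        return 1
    else
        echo "$1: ok, MintegralAdSDK $v"
    fi
}

# Constructed sample lockfile fragment (versions and subspec names invented).
sample_lock() {
    printf '%s\n' 'PODS:' \
        '  - Alamofire (5.2.2)' \
        '  - MintegralAdSDK/NativeAd (6.3.7.0):' \
        '    - MintegralAdSDK/Common (= 6.3.7.0)'
}

# Usage: sh check_mintegral.sh Podfile.lock [more lockfiles...]
rc=0; for f in "$@"; do check_lockfile "$f" || rc=1; done
[ "$#" -eq 0 ] || exit "$rc"
```

The non-zero exit status on a vulnerable pin lets the script act as a CI gate; a plain string comparison would misorder versions such as 6.10.0.0 and 6.6.0.0, which is why the fields are compared numerically.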

📡 Detection & Monitoring

Log Indicators:

  • Unusual process execution from ad-related processes
  • Suspicious network connections to Mintegral domains

Network Indicators:

  • HTTP requests to Mintegral ad servers with unusual payloads
  • Unexpected outbound connections from mobile apps

SIEM Query:

source="mobile_device" AND (dest_ip IN mintegral_ips) AND (http_user_agent CONTAINS "Mintegral")
