The latest issue found in Google’s Android Admin application allows other applications on the device to bypass sandbox restrictions. This means that those other applications can read arbitrary files through the use of symbolic links. According to to security researchers from MWR Labs, the issue occurs when the Google Admin application receives a URL via an IPC call from any other application on the same device. The Admin application would load this URL in a WebView within its own activity. If an attacker used a file:// URL to redirect to a file that they controlled, then it is possible to use symbolic links to bypass the Same Origin Policy and retrieve data out of the Google Admin sandbox. No update has been released yet, researchers said, but they recommended that devices with Google Admin installed should not download any untrusted third-party applications.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street