Google Android April 2021 Security Patch Vulnerabilities: Discover and Take Remote Response Action Using VMDR for Mobile Devices

Swapnil Ahirrao

The recently released Android Security Bulletin for April 2021 addresses 36 vulnerabilities, out of which 2 are rated as critical vulnerabilities. The vulnerabilities affect open-source components such as the Android Framework, Android Media Framework, Android System, and Android’s Linux Kernel fork. The vulnerabilities also affect MediaTek and QUALCOMM closed-source components.

Android System Remote Code Execution (RCE) Vulnerability

Google released a patch to fix a critical RCE vulnerability (CVE-2021-0430). This vulnerability has a CVSSv3 base score of 8.8 and should be prioritized for patching. It affects Android versions 10 and 11.

QUALCOMM Closed-Source Components Elevation of Privilege (EoP) Vulnerability

Google released a patch to fix a critical EoP vulnerability (CVE-2020-11210). This vulnerability has a CVSSv3 base score of 7.8 and should be prioritized for patching. It affects devices running on QUALCOMM processors.

QUALCOMM Closed-Source Components Denial of Service (DoS) Attack Vulnerability

Google released a patch to fix a DoS vulnerability (CVE-2020-11243). This vulnerability has a CVSSv3 base score of 7.5 and should be prioritized for patching. It affects devices running on QUALCOMM processors.

Kernel Component Elevation of Privilege (EoP) Vulnerability

Google released a patch to fix an EoP vulnerability (CVE-2020-15436). This vulnerability has a CVSSv3 base score of 7.8 and should be prioritized for patching.

QUALCOMM Closed-Source Components Access to Potentially Sensitive Information Vulnerability

Google released a patch to fix an access vulnerability (CVE-2020-11251). This vulnerability has a CVSSv3 base score of 6.5 and should be prioritized for patching. It affects devices running on QUALCOMM processors.

Discover Vulnerabilities and Take Remote Response Action Using VMDR for Mobile Devices

Discover Assets Missing the Latest Android Security Patch

The first step in managing these critical vulnerabilities and reducing risk is to identify the affected assets. Qualys VMDR for Mobile Devices makes it easy to identify the assets missing the latest security patch. To get comprehensive visibility of mobile devices, you need to install Qualys Cloud Agent for Android or iOS on all mobile devices. The device onboarding process is easy, and inventory of mobile devices is free.

Query: vulnerabilities.vulnerability.title:April 2021

Once you get the list of assets missing the latest security patch, navigate to the Vulnerability tab and apply the Group By “Vulnerabilities” to get the list of the CVEs that Google fixed in the April security patch. Qualys VMDR helps you understand what kind of risk you are taking by allowing an unpatched device to hold corporate data and connect to your corporate network.

QID 610331 is available in signature version SEM VULNSIGS-1.0.0.30, and there is no dependency on any specific Qualys Cloud Agent version.

With the VMDR for Mobile Devices dashboard, you can track the status of the assets on which the latest security patch is missing. The dashboard will be updated with the latest data collected by Qualys Cloud Agent for Android devices.

Remote Response Action

You can perform the “Send Message” action to inform the end user to update the security patch to the latest patch. Also, you may provide step-by-step details to update the security patch.

As of this writing, the April security patch has not been released by most manufacturers. For now, it has been released by Google for Pixel, Samsung, LG, and Motorola. For those manufacturers, the vulnerabilities are marked as “Confirmed”; for the rest, they are marked as “Potential”. QIDs specific to individual manufacturers are 610329, 610330, and 610332, and 610331 is the QID for the remaining manufacturers. These QIDs are available in signature version SEM VULNSIGS-1.0.0.30.

We recommend updating to the latest security patch for the assets where vulnerabilities are detected as “Confirmed”. For the rest of the manufacturers, you can take appropriate action based on the asset criticality.
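The Confirmed/Potential distinction above is simple enough to reproduce in a local triage script against your own device inventory, for example when prioritising which users get the “Send Message” prompt first. The following is an added example, not Qualys code or part of this post. It assumes each device record carries the device’s security patch level as exposed by Android’s ro.build.version.security_patch property (a YYYY-MM-DD string) and a manufacturer name; the inventory it runs over is constructed sample data. A device at or above the 2021-04-01 patch level is treated as patched; an unpatched device from a manufacturer that had shipped the April patch (Google, Samsung, LG, Motorola per the post) is “Confirmed”, any other unpatched device is “Potential”, and malformed records are set aside rather than silently classified.

```python
"""
Triage helper: classify Android devices against the April 2021 security
patch level using the Confirmed/Potential convention from the post.

Added example; not Qualys code. Assumptions (not from the post):
  - each record carries Android's ro.build.version.security_patch value
    (YYYY-MM-DD) under "security_patch" and the OEM under "manufacturer";
  - SAMPLE_INVENTORY below is constructed sample data.
"""
from datetime import date

# Patch level that closes the CVEs listed in the April 2021 bulletin.
APRIL_2021_PATCH_LEVEL = date(2021, 4, 1)

# Manufacturers for which the post says the April patch had already
# shipped; a missing patch on these devices is a "Confirmed" finding.
PATCH_RELEASED_FOR = {"google", "samsung", "lg", "motorola"}


def parse_patch_level(value):
    """Parse a YYYY-MM-DD patch level; raises ValueError if malformed."""
    year, month, day = (int(part) for part in value.split("-"))
    return date(year, month, day)


def classify_device(manufacturer, patch_level):
    """Return 'Patched', 'Confirmed' or 'Potential' for a single device."""
    if parse_patch_level(patch_level) >= APRIL_2021_PATCH_LEVEL:
        return "Patched"
    if manufacturer.strip().lower() in PATCH_RELEASED_FOR:
        return "Confirmed"
    return "Potential"


def triage(inventory):
    """Group device ids by classification; unreadable records go to 'Unknown'."""
    buckets = {"Patched": [], "Confirmed": [], "Potential": [], "Unknown": []}
    for dev in inventory:
        try:
            label = classify_device(dev["manufacturer"], dev["security_patch"])
        except (KeyError, ValueError):
            label = "Unknown"
        buckets[label].append(dev.get("id", "?"))
    return buckets


# Constructed sample inventory (not real devices).
SAMPLE_INVENTORY = [
    {"id": "pixel-01",   "manufacturer": "Google",   "security_patch": "2021-04-05"},
    {"id": "galaxy-02",  "manufacturer": "Samsung",  "security_patch": "2021-03-01"},
    {"id": "lg-03",      "manufacturer": "LG",       "security_patch": "2021-02-01"},
    {"id": "moto-04",    "manufacturer": "Motorola", "security_patch": "2021-04-01"},
    {"id": "oneplus-05", "manufacturer": "OnePlus",  "security_patch": "2021-03-01"},
    {"id": "xiaomi-06",  "manufacturer": "Xiaomi",   "security_patch": "2021-01-01"},
    {"id": "bad-07",     "manufacturer": "Samsung",  "security_patch": "unknown"},
]

if __name__ == "__main__":
    for label, ids in triage(SAMPLE_INVENTORY).items():
        print(f"{label:9s} {len(ids):2d}  {', '.join(ids)}")
```

Devices in the “Confirmed” bucket are the ones the post recommends updating immediately; the “Potential” bucket is where asset criticality decides the action, and anything in “Unknown” deserves a second look at the agent data before it is trusted either way.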

Qualys VMDR for Mobile Devices is available as a free 30-day trial to help customers detect vulnerabilities, monitor critical device settings, and correlate updates with the correct app versions available on Google Play Store. Sign up for a 30-day trial of VMDR for Mobile Devices.
