Medium severity6.8NVD Advisory· Published Aug 29, 2018· Updated Jun 17, 2026
CVE-2018-6597
CVE-2018-6597
Description
The Alcatel A30 device with a build fingerprint of TCL/5046G/MICKEY6US:7.0/NRD90M/J63:user/release-keys contains a hidden privilege escalation capability to achieve command execution as the root user. They have made modifications that allow a user with physical access to the device to obtain a root shell via ADB. Modifying the read-only properties by an app as the system user creates a UNIX domain socket named factory_test that will execute commands as the root user by processes that have privilege to access it (as per the SELinux rules that the vendor controls).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1- www.kryptowire.com/portal/android-firmware-defcon-2018/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.