The 2017 Pwnie Nominee For Best Client-Side Bug

Pwning the Nexus

Credit: Qidan He (@flanker_hqd), Gengming Liu (@dmxcsnsbh)

During the 2016 CanSecWest Mobile Pwn2Own competition, KeenLab combined three vulnerabilities into a full exploit chain against Android Nougat. A remote exploit against Chrome was followed by a sandbox escape in Chrome’s Intent parsing, allowing them to (jump from a sandboxed context to arbitrary application installation)


Pwning the Nexus