{"uuid": "cc657e50-0da8-44de-acd6-8d4d89193794", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-2215", "type": "exploited", "source": "https://t.me/androidMalware/500", "content": "Analysis of use-after-free in Binder vulnerability - CVE-2019-2215\n\nThis exploit was used in-the-wild to install NSO group malware - Pegasus.\nThe bug is a local privilege escalation vulnerability that allows for a full compromise of a vulnerable device. If chained with a browser renderer exploit, this bug could fully compromise a device through a malicious website.\nhttps://googleprojectzero.blogspot.com/2019/11/bad-binder-android-in-wild-exploit.html", "creation_timestamp": "2019-11-22T09:12:16.000000Z"}