You see this notification on the Trend Micro Home Network Security app:
SIP Digium Asterisk app_minivm Caller-ID Command Execution -1.1
Why did this happen?
A vulnerability in your android device was detected.
This vulnerability exploits by the hacker to send specially crafted caller-id name and number data to trigger an input validation flaw in the "app_minvm" module to execute arbitrary operating system commands on the targeted system.
What are its risks?
The attacker who successfully exploited this vulnerability executes arbitrary operating system commands in the affected devices and extracts sensitive information.
What should I do next?
- Disable the auto-fetching to prevent automatic download of file from a messaging application.
- Avoid installing applications from unknown link.
- Apply the most recent patch update of your device from your device's manufacturer and check if they have fixed this vulnerability. Show me how.
- Make sure you install the latest Android version of your device. Show me how.
Am I protected?
Trend Micro customers are currently protected from this vulnerability.
Rule ID: 1134191
What if I have more questions?
For more information, check out these pages:
