pegasus Spyware research paper
Security Research

Android 11 PIP Vulnerability

This paper focuses on the vulnerability found in Android 11 where there is no special permission required to control the minimum allowed window size making it possible for an adversary to create an arbitrary small window which won’t be visible to the users. Using this window, it is possible for an unprivileged application to maintain its foreground stage and bypass security restrictions allowing it to use critical permissions.

Key Pointers:
  • What is PIP mode and understanding the vulnerability in Android 11
  • Understanding the key terms used throughout this paper
  • Mapping the affected and unaffected android versions
  • Setting up the virtual environment and performing the exploitation
  • Taking a look at some of the mitigations to this vulnerability

Brands that
trust our competence

Explore more
kfc logo
discover logo
adp logo
adbed bath beyond logo
expedia logo
chipotle logo
Mosaic Insurance logo
dell logo
fannie-mae logo
 maersk logo
 gsk logo
 wiz logo
 bt logo