SOTI Pulse Logo

Android Cert Vulnerabilities on the SOTI Mobiontrol

K
Koteeswaran
Murugappa Group

Dear All,

   I have received a request from our customer in order to check any vulnerabilities in SOTI MDM enrolled devices as security concerns.

I have gone through below URL's. What action has to take? I have listed below from our customer raised points as per each CVE (Common Vulnerabilities & Exposures)

Frame Work
Google Play System Updates
Kernel Components
Local Malicious Application
Media Framework
Media Framework/
Google Play System Updates
Media Tek Components
Qualcomm Closed-source components
Qualcomm components
System (Local Malicious)
Unisoc Components
Widevine DRM

Mobicontrol Console Version: 14.3.4.1087

Mobicontrol device Agent version: 14.4.2.1039

https://source.android.com/security/bulletin/2021-09-01

https://source.android.com/security/bulletin/2021-08-01

4 years ago
Android
ANSWERS
N
NTMOD@SOTI
4 years ago

Hi Koteeswaran,

Thank you for asking the question in SOTI Central.

I will discuss about your question internally and provide you with the answers.

Kind Regards,

N
NTMOD@SOTI
3 years ago

Hi Koteeswaran,

Hope you are well.

I have the response back from our security teams. They advised:

1. The security team is looking into these vulnerabilities related to the Android agent. We will dig deeper and get back to you.

2. Meanwhile, if you wish we can sign an NDA with you and provide a redacted summary of our most recent external pen test report, conducted by Immuniweb.

Are you interested in being in touch with our "Legal/Security teams" so they can provide you more information on a high level regarding your inquiries via a meeting. If yes, please log a case with Support and attach this SOTI Central web URL into the case so that Support team can link your case with this post.

Thank you.

Kind Regards,

Similar Discussions