This paper focuses on a vulnerability in Android 11 where no special permission is required to control the minimum allowed window size, making it possible for an adversary to create an arbitrarily small window that is not visible to the user. Using such a window, an unprivileged application can maintain its foreground state and bypass security restrictions, allowing it to use critical permissions.
Key Pointers:
- What PIP (picture-in-picture) mode is, and understanding the vulnerability in Android 11
- Understanding the key terms used throughout this paper
- Mapping the affected and unaffected Android versions
- Setting up the virtual environment and performing the exploitation
- Taking a look at some of the mitigations for this vulnerability