Google Android CHANGE_NETWORK_STATE Permission Arbitrary File Manipulation
Mobile Phone / Hand-held Device
Loss of Integrity
Google Android contains a flaw due to the CHANGE_NETWORK_STATE permission that will allow an application to write '0', '1', or '2' to arbitrary files. This may allow a remote attacker to more easily gain access to information stored in plaintext or in the sysfs.
It has been reported that this issue has been fixed. Upgrade to Jelly Bean (4.2) or higher, to address this vulnerability.