[2017] Zero-Day Vulnerability on Efidroid

If you are an advanced Android user, you have probably heard of Efidroid, another multiboot solution for Android devices. I think it is the best multiboot solution, because end users don't have to create an ext4 partition or virtual img files, or modify the kernel's ramdisk, to use multiple ROMs on the same device. Its installation process is also quite simple: install the Efidroid Manager app from the Google Play Store and hit the install button. You can create ROM drives from there and install/flash them with your favorite custom recovery. (No need to modify the custom recovery either.)

But it has a big vulnerability, I think. It replaces your default ROM's kernel and custom recovery with its own images, and backs them up to your device's internal memory (in the /data/media/0/UEFIESP/ folder). These files and this folder are generally protected against wiping internal memory, formatting the data partition, changing the default ROM, etc. But renaming this folder causes an empty boot: users get stuck in Efidroid at the next reboot and can't boot their devices. This is the vulnerability, because malicious apps, scripts, etc. can easily rename this folder and its files, and Efidroid cannot defend itself.

I shared the details with Efidroid's developer on Slack, and he acknowledged this vulnerability as a bug. I hope he will fix it in upcoming updates.
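Until a fix ships, the backup folder described above can be checked before every reboot. The script below is an added example, not code from this post or from the Efidroid project: it records a SHA-256 baseline of /data/media/0/UEFIESP and later reports whether the folder is missing (for example renamed) or its contents changed. The manifest location and function names are assumptions, and it expects a root shell with `find`, `sort` and `sha256sum` available.

```shell
#!/bin/sh
# Added example: baseline/verify check for the Efidroid backup folder.
ESP_DIR="${ESP_DIR:-/data/media/0/UEFIESP}"             # path named in the post
MANIFEST="${MANIFEST:-/data/local/tmp/uefiesp.sha256}"  # assumed manifest location

# Print "hash  ./relative/path" for every file in directory $1, sorted by path.
esp_snapshot() {
    ( cd "$1" 2>/dev/null && find . -type f -exec sha256sum {} + | sort -k2 )
}

# Record the current state of directory $1 into manifest file $2.
esp_baseline() {
    [ -d "$1" ] || return 2
    esp_snapshot "$1" > "$2"
}

# Compare directory $1 against manifest $2.
# Returns 0 = intact, 1 = contents changed, 2 = folder missing, 3 = no baseline.
esp_verify() {
    [ -f "$2" ] || return 3
    [ -d "$1" ] || return 2
    [ "$(esp_snapshot "$1")" = "$(cat "$2")" ] || return 1
    return 0
}

# Command-line entry point: "baseline" after install, "verify" before a reboot.
case "${1:-}" in
    baseline)
        esp_baseline "$ESP_DIR" "$MANIFEST" && echo "baseline written to $MANIFEST"
        ;;
    verify)
        rc=0
        esp_verify "$ESP_DIR" "$MANIFEST" || rc=$?
        case "$rc" in
            0) echo "OK: $ESP_DIR matches baseline" ;;
            1) echo "ALERT: files in $ESP_DIR changed; do not reboot" ;;
            2) echo "ALERT: $ESP_DIR is missing or renamed; do not reboot" ;;
            3) echo "no baseline at $MANIFEST; run 'baseline' first" ;;
        esac
        exit "$rc"
        ;;
esac
```

Store the manifest outside the watched folder, since anything able to rename the folder can also alter files inside it.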