Cellebrite mobile forensics tool Ufed contains multiple flaws that allow arbitrary code execution on the device, SIGNAL creator warns. The popular cryptographer and researcher Moxie Marlinspike claims the list of customers of the company includes authoritarian regimes in Belarus, Russia, Venezuela, and China, death squads in Bangladesh, and military juntas in Myanmar. The flaw could be exploited in multiple ways by simply including a specially formatted but otherwise innocuous file in any app on a device that when parsed by Cellebraite software could trigger the exploit.”]
Source: https://securityaffairs.co/wordpress/117116/mobile-2/cellebrite-forensics-tool-flaw.html