1. Intro
2. About CORE Team
3. What is Binder
4. Our work around Binder Driver
5. IPC through Binder driver
6. The imperfect protection of the "binder_buffer" object
7. The "all-round" vulnerability
8. Impact: The "Waterdrop"
9. Stable DoS to Memory corruption
10. The Baits
11. Info leaks
12. Heap spraying skills: guard heap spray
13. Heap spraying skills: bullet spray
14. Heap spraying skills: mirror spray
15. How to arbitrary write with arbitrary data
16. KSMA Attack
17. Conclusion
Description:
Explore a critical Android security vulnerability in this Hack In The Box Security Conference talk. Dive into the "Waterdrop" vulnerability (CVE-2019-2025) affecting the Binder driver, a key component of the Android system. Learn about its three striking features: universal root solution potential, sandbox escalation capabilities, and arbitrary read/write functionality. Discover how this vulnerability impacts most Android devices from the past two years, including Google Pixel models, Samsung, Huawei, and OPPO. Follow the speakers as they demonstrate successful rooting of the latest Pixel 3XL, 2XL, and Pixel devices. Gain insights into the Binder driver, IPC processes, and various heap spraying techniques used in exploiting this vulnerability. Understand the impact and implications of this security flaw on Android devices running kernel versions 3.18 to 4.20.

Binder - The Bridge To Root - Hongli Han and Mingjian Zhou

Hack In The Box Security Conference