CVE-2019-15338

Name of the Vulnerable Software and Affected Versions Lava Iris 88 Lite Android device with a build fingerprint of LAVA/iris88 lite/iris88 lite:8.1.0/O11019/1536323070:user/release-keys com.android.lava.powersave app version v4.0.27

Description The issue concerns a pre-installed app that allows any co-located app to disable and enable Wi-Fi without the necessary access permission. This is achieved through an exported interface.

Recommendations For the Lava Iris 88 Lite Android device, consider disabling the com.android.lava.powersave app until a patch is available. Restrict access to the Wi-Fi functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.