CVE-2019-15379

Name of the Vulnerable Software and Affected Versions Walton Primo G3 Android device with a build fingerprint of WALTON/Primo GM3/Primo GM3:8.1.0/O11019/1522737198:user/release-keys

Description The issue concerns a pre-installed app with a package name of com.mediatek.wfo.impl that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.

Recommendations For the Walton Primo G3 Android device, consider restricting access to the com.mediatek.wfo.impl app to minimize the risk of exploitation. As a temporary workaround, consider disabling the exported interface of the com.mediatek.wfo.impl app until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.