CVE-2019-15387

Name of the Vulnerable Software and Affected Versions Archos Core 101 Android device with a build fingerprint of archos/MTKAC101CR3G ARCHOS/ac101cr3g:7.0/NRD90M/20180611.034442:user/release-keys

Description The issue concerns a pre-installed app with a package name of com.roco.autogen that allows any co-located app to disable and enable Wi-Fi without the necessary access permission. This is possible due to an exported interface.

Recommendations For the Archos Core 101 Android device, consider disabling the com.roco.autogen app to prevent unauthorized access to Wi-Fi settings until a patch is available. Restricting the use of the exported interface in the com.roco.autogen app can also help minimize the risk of exploitation.