PT-2019-14150 · Google+1 · Android+1
Publicado
2019-11-14
·
Atualizado
2019-11-27
·
CVE-2019-15421
CVSS v2.0
2.1
Baixa
| Vetor | AV:L/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Blackview BV7000 Pro version 7.0
Description
The issue concerns a pre-installed app with a package name of
com.mediatek.factorymode that allows unauthorized modification of wireless settings via a confused deputy attack. This capability can be accessed by any app co-located on the device.Recommendations
For Blackview BV7000 Pro version 7.0, consider removing or disabling the
com.mediatek.factorymode app to prevent unauthorized wireless settings modification.Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Android
Blackview Bv7000 Pro