CVE-2019-15453

Name of the Vulnerable Software and Affected Versions Samsung J4 Android device with a build fingerprint of samsung/j4lteub/j4lte:8.0.0/R16NW/J400MUBS2ASC2:user/release-keys com.samsung.android.themecenter app version 7.0.0.0

Description The issue concerns a pre-installed app on the Samsung J4 Android device that allows other pre-installed apps to install apps via an accessible component. This capability can be accessed by any pre-installed app that obtains the required signatureOrSystem permissions.

Recommendations For the Samsung J4 Android device, consider restricting the com.samsung.android.themecenter app's capabilities to prevent unauthorized app installations. For the com.samsung.android.themecenter app version 7.0.0.0, restrict access to the app component that allows app installation to minimize the risk of exploitation.