PT-2019-14364 · Softbank+2 · Jp.Softbank.Mb.Tdrl+2
Publicado
2019-11-14
·
Atualizado
2019-11-19
·
CVE-2019-15744
CVSS v2.0
2.1
Baixa
| Vetor | AV:L/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Sony Xperia XZs Android device with a build fingerprint of Sony/keyaki softbank/keyaki softbank:7.1.1/TONE3-3.0.0-SOFTBANK-170517-0323/1:user/dev-keys
jp.softbank.mb.tdrl app version 1.3.0
Description
The issue allows unauthorized modification of wireless settings via a confused deputy attack. This capability can be accessed by any app co-located on the device.
Recommendations
For the Sony Xperia XZs Android device, consider restricting access to the jp.softbank.mb.tdrl app until a patch is available.
For the jp.softbank.mb.tdrl app version 1.3.0, avoid using the app for sensitive operations until the issue is resolved.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Android
Sony Xperia Xzs
Jp.Softbank.Mb.Tdrl