PT-2019-16014 · Google · Android
Publicado
2019-02-28
·
Atualizado
2020-08-24
·
CVE-2019-1994
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Android versions 8.0 through 9
Description
The issue arises from an insecure default value in the refresh of DevelopmentTiles.java, potentially leaving development settings accessible. This could result in unwanted access to these settings without requiring additional execution privileges. Exploitation requires user interaction.
Recommendations
For Android versions 8.0 through 9, consider restricting access to development settings as a temporary mitigation measure until a fix is available.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Android