PT-2019-9082 · Zte+2 · Zte Zmax Pro+2
Publicado
2019-04-25
·
Atualizado
2019-05-02
·
CVE-2018-14991
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Coolpad Defiant version 7.1.1
ZTE ZMAX Pro version 6.0.1
T-Mobile Revvl Plus version 7.1.1
Description
The issue concerns a pre-installed Rich Communication Services (RCS) app with a package name of
com.suntek.mway.rcs.app.service and com.rcs.gsma.na.sdk. This app has an exported content provider named com.suntek.mway.rcs.app.service.provider.message.MessageProvider and com.rcs.gsma.na.provider.message.MessageProvider, allowing any co-located app to access the user's text messages without permission. The app cannot be disabled by the user, and the attack can be performed by an app with zero permissions.Recommendations
For Coolpad Defiant version 7.1.1, consider restricting access to the
com.suntek.mway.rcs.app.service and com.rcs.gsma.na.sdk packages until a patch is available.
For ZTE ZMAX Pro version 6.0.1, restrict access to the com.suntek.mway.rcs.app.service and com.rcs.gsma.na.sdk packages until a patch is available.
For T-Mobile Revvl Plus version 7.1.1, restrict access to the com.suntek.mway.rcs.app.service and com.rcs.gsma.na.sdk packages until a patch is available.
As a temporary workaround, consider disabling the MessageProvider content provider until a patch is available.Exploit
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Coolpad Defiant
T-Mobile Revvl Plus
Zte Zmax Pro