PT-2019-14088 · Haier+1 · Haier A6+1

Published

2019-11-14

Updated

2020-08-24

CVE-2019-15359

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys

Description The issue concerns a pre-installed app with a package name of com.mediatek.wfo.impl that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.

Recommendations For the Haier A6 Android device with the specified build fingerprint, consider restricting access to the com.mediatek.wfo.impl app to minimize the risk of exploitation until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2019-15359

Affected Products

Android

Haier A6

PT-2019-14088 · Haier+1 · Haier A6+1

CVE-2019-15359

Related Identifiers

Affected Products

References · 2