PT-2019-14150 · Google+1 · Android+1

Published

2019-11-14

Updated

2019-11-27

CVE-2019-15421

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Blackview BV7000 Pro version 7.0

Description The issue concerns a pre-installed app with a package name of com.mediatek.factorymode that allows unauthorized modification of wireless settings via a confused deputy attack. This capability can be accessed by any app co-located on the device.

Recommendations For Blackview BV7000 Pro version 7.0, consider removing or disabling the com.mediatek.factorymode app to prevent unauthorized wireless settings modification.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-610

Related Identifiers

CVE-2019-15421

Affected Products

Android

Blackview Bv7000 Pro

PT-2019-14150 · Google+1 · Android+1

CVE-2019-15421

Weakness Enumeration

Related Identifiers

Affected Products

References · 2