CVE-2019-15441

Name of the Vulnerable Software and Affected Versions Samsung on7xeltelgt Android device with a build fingerprint of samsung/on7xeltelgt/on7xeltelgt:8.1.0/M1AJQ/G610LKLU2CSB1:user/release-keys com.samsung.android.themecenter app version 7.0.1.0

Description The issue allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device that can obtain signatureOrSystem permissions required by other pre-installed apps that exported their capabilities to other pre-installed apps.

Recommendations For the Samsung on7xeltelgt Android device, consider restricting the com.samsung.android.themecenter app's capabilities to prevent unauthorized app installations. For the com.samsung.android.themecenter app version 7.0.1.0, restrict access to the app component that allows app installation to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.