CVE-2019-15450

Name of the Vulnerable Software and Affected Versions Samsung j3popeltecan Android device with a build fingerprint of samsung/j3popeltevl/j3popeltecan:8.1.0/M1AJQ/J327WVLS3BSA2:user/release-keys com.samsung.android.themecenter app version 7.0.1.0

Description The issue allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device that can obtain signatureOrSystem permissions required by other pre-installed apps that exported their capabilities.

Recommendations For the Samsung j3popeltecan Android device, consider restricting the com.samsung.android.themecenter app's ability to install other apps until a patch is available. As a temporary workaround, restrict access to the com.samsung.android.themecenter app to minimize the risk of exploitation.