PT-2019-16014 · Google · Android

Published

2019-02-28

Updated

2020-08-24

CVE-2019-1994

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Android versions 8.0 through 9

Description The issue arises from an insecure default value in the refresh of DevelopmentTiles.java, potentially leaving development settings accessible. This could result in unwanted access to these settings without requiring additional execution privileges. Exploitation requires user interaction.

Recommendations For Android versions 8.0 through 9, consider restricting access to development settings as a temporary mitigation measure until a fix is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1188

Related Identifiers

CVE-2019-1994

Affected Products

Android

PT-2019-16014 · Google · Android

CVE-2019-1994

Weakness Enumeration

Related Identifiers

Affected Products

References · 4