Exported Activity Vulnerability in Vivo V7 Android Device by Vivo
CVE-2018-15001

5.5MEDIUM

Key Information:

Vendor: Vivo
Status: V7 Firmware
Vendor: CVE Published:; 28 December 2018

What is CVE-2018-15001?

The Vivo V7 Android device includes an app component that allows any co-located app to initiate the writing of sensitive logs such as logcat, bluetooth, and kernel logs to external storage. This poses a risk as these logs can contain sensitive user information. Although users receive a notification when logging begins and can cancel it, the authorizing app cannot be disabled, allowing logged information to be accessed by any app granted the necessary permissions. This vulnerability underscores the importance of app isolation and permission management in maintaining device security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.kryptowire.com/portal/wp-content/uploads/2018...

x_refsource_MISC

https://www.kryptowire.com/portal/android-firmware-defcon...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 28, 2018
Vulnerability Reserved
Aug 5, 2018

JSON

Vivo

What is CVE-2018-15001?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.