Vulnerability in Tecno Camon Android Device with Pre-installed App
CVE-2019-15348

7.8HIGH

Key Information:

Vendor: Tecno-mobile
Status: Tecno\/h612\/tecno-id5a\
Vendor: CVE Published:; 14 November 2019

🔔 Create Tecno-mobile Vulnerability Alert

What is CVE-2019-15348?

The Tecno Camon Android device features a pre-installed application that exposes a critical security vulnerability. The app includes an exported service that allows any app on the device to execute arbitrary shell commands as the system user, presenting severe security risks. These commands can be triggered by simply writing a designated message to the logcat log. Since the app cannot be disabled by users, a malicious app can exploit this vulnerability without requiring permissions. The consequences may include unauthorized access to sensitive user data, manipulation of device settings, and full control over the device's functions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.kryptowire.com/android-firmware-2019/

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 14, 2019
Vulnerability Reserved
Aug 22, 2019

JSON

Tecno-mobile

What is CVE-2019-15348?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.