Severe Vulnerability in Tecno Camon Android Devices with Pre-installed App
CVE-2019-15349

7.8 HIGH

Key Information:

Vendor
CVE Published:
14 November 2019

Summary

A pre-installed platform app on Tecno Camon Android devices contains an exported service that allows arbitrary code execution. Any app co-located on the device can load and execute Dalvik Executable (DEX) files within the process space of the vulnerable app, thereby gaining system-level privileges. This lets a malicious app perform a variety of harmful actions, such as recording screen activity, factory resetting the device, accessing user notifications, reading logs, and even logging keystrokes by changing the default keyboard to a malicious alternative, all without requiring user permissions. Because the user cannot disable this app, the risk of sensitive data compromise increases significantly.

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
