First published: Wed Aug 14 2019(Updated: )
The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in platform/mt6577/external/meta/emmc/meta_clr_emmc.c invokes 'system("/system/bin/rm -r /data/' followed by this filename upon an eMMC clearance from a Meta Mode boot. NOTE: compromise of Fire OS on the Amazon Echo Dot would require a second hypothetical vulnerability that allows creation of the required file under /data.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mediatek Mt8163 Firmware | ||
Mediatek Mt8163 | ||
Mediatek Mt6625 Firmware | ||
Mediatek Mt6625 | ||
Mediatek Mt6577 Firmware | ||
Mediatek Mt6577 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-15027 is a vulnerability in the MediaTek Embedded Multimedia Card (eMMC) subsystem that allows attackers to execute arbitrary commands as root on Android devices.
CVE-2019-15027 has a severity rating of 9.8, which is classified as critical.
CVE-2019-15027 affects devices running MediaTek MT65xx, MT66xx, and MT8163 SoC firmware.
The vulnerability can be exploited by using shell metacharacters in a filename under the /data directory to execute arbitrary commands as root.
At the time of writing, there are no known fixes or patches available for CVE-2019-15027. It is recommended to follow the recommendations provided by the vendor and security advisories.