What is the severity of CVE-2019-15368?

CVE-2019-15368 has a high severity due to the potential for any app on the device to modify the pre-installed app.

How do I fix CVE-2019-15368?

To fix CVE-2019-15368, users should update their device firmware to a version that patches the vulnerability.

Which devices are affected by CVE-2019-15368?

CVE-2019-15368 affects the Coolpad Mega 5 and its associated firmware with the pre-installed vulnerable app.

What type of vulnerability is CVE-2019-15368?

CVE-2019-15368 is a local privilege escalation vulnerability that allows apps to gain unauthorized access to modify system files.

Can CVE-2019-15368 be exploited remotely?

CVE-2019-15368 cannot be exploited remotely; it requires local access to the affected Coolpad device.

Vulnerability/
CVE-2019-15368

medium

5.5

14/11/2019

5/8/2024

CVE-2019-15368

First published: Thu Nov 14 2019(Updated: )

The Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Coolpad Mega 5 Firmware
Coolpad Mega 5

Never miss a vulnerability like this again

Reference Links

https://www.kryptowire.com/android-firmware-2019/

Frequently Asked Questions

What is the severity of CVE-2019-15368?
CVE-2019-15368 has a high severity due to the potential for any app on the device to modify the pre-installed app.
How do I fix CVE-2019-15368?
To fix CVE-2019-15368, users should update their device firmware to a version that patches the vulnerability.
Which devices are affected by CVE-2019-15368?
CVE-2019-15368 affects the Coolpad Mega 5 and its associated firmware with the pre-installed vulnerable app.
What type of vulnerability is CVE-2019-15368?
CVE-2019-15368 is a local privilege escalation vulnerability that allows apps to gain unauthorized access to modify system files.
Can CVE-2019-15368 be exploited remotely?
CVE-2019-15368 cannot be exploited remotely; it requires local access to the affected Coolpad device.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/references
agent/severity
agent/last-modified-date
agent/author
agent/tags
agent/description
agent/event
agent/first-publish-date
agent/source
vendor/coolpad
canonical/coolpad mega 5 firmware
canonical/coolpad mega 5

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2019-15368?
CVE-2019-15368 has a high severity due to the potential for any app on the device to modify the pre-installed app.
How do I fix CVE-2019-15368?
To fix CVE-2019-15368, users should update their device firmware to a version that patches the vulnerability.
Which devices are affected by CVE-2019-15368?
CVE-2019-15368 affects the Coolpad Mega 5 and its associated firmware with the pre-installed vulnerable app.
What type of vulnerability is CVE-2019-15368?
CVE-2019-15368 is a local privilege escalation vulnerability that allows apps to gain unauthorized access to modify system files.
Can CVE-2019-15368 be exploited remotely?
CVE-2019-15368 cannot be exploited remotely; it requires local access to the affected Coolpad device.