ID
VAR-201911-0520
CVE
CVE-2019-15355
TITLE
Tecno Camon iClick Android Lack of authentication on device
Trust: 0.8
DESCRIPTION
The Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization. Tecno Camon iClick Android The device is vulnerable to a lack of authentication.Information may be tampered with. Tecno Camon iClick is a smartphone from China Transsion. Tecno Camon iClick has an unknown vulnerability. An attacker could use this vulnerability to modify system properties
Trust: 2.25
IOT TAXONOMY
| category: | ['IoT'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | tecno | model: | camon iclick | scope: | - | version: | - | Trust: 1.4 |
| vendor: | tecno mobile | model: | camon iclick | scope: | eq | version: | - | Trust: 1.0 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | NVD-CWE-noinfo | Trust: 1.0 |
| problemtype: | CWE-862 | Trust: 0.8 |
THREAT TYPE
local
Trust: 0.6
TYPE
other
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | CAMON iCLICK | url: | https://www.tecno-mobile.in/tecno-camon-i-click | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2019-15355 | Trust: 3.1 |
| db: | JVNDB | id: | JVNDB-2019-012345 | Trust: 0.8 |
| db: | CNVD | id: | CNVD-2020-14797 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-201911-856 | Trust: 0.6 |
| db: | VULMON | id: | CVE-2019-15355 | Trust: 0.1 |
REFERENCES
| url: | https://www.kryptowire.com/android-firmware-2019/ | Trust: 2.5 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2019-15355 | Trust: 2.0 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15355 | Trust: 0.8 |
| url: | https://cwe.mitre.org/data/definitions/.html | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
SOURCES
| db: | CNVD | id: | CNVD-2020-14797 |
| db: | VULMON | id: | CVE-2019-15355 |
| db: | JVNDB | id: | JVNDB-2019-012345 |
| db: | CNNVD | id: | CNNVD-201911-856 |
| db: | NVD | id: | CVE-2019-15355 |
LAST UPDATE DATE
2024-11-23T22:11:46.586000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2020-14797 | date: | 2020-03-01T00:00:00 |
| db: | VULMON | id: | CVE-2019-15355 | date: | 2020-08-24T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-012345 | date: | 2019-11-29T00:00:00 |
| db: | CNNVD | id: | CNNVD-201911-856 | date: | 2020-08-25T00:00:00 |
| db: | NVD | id: | CVE-2019-15355 | date: | 2024-11-21T04:28:31.813 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2020-14797 | date: | 2020-03-01T00:00:00 |
| db: | VULMON | id: | CVE-2019-15355 | date: | 2019-11-14T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-012345 | date: | 2019-11-29T00:00:00 |
| db: | CNNVD | id: | CNNVD-201911-856 | date: | 2019-11-14T00:00:00 |
| db: | NVD | id: | CVE-2019-15355 | date: | 2019-11-14T17:15:16.520 |