Vulnerabilities > CVE-2019-15371 - Unspecified vulnerability in Symphony-Mobile G100 Firmware

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
local
low complexity
symphony-mobile

Summary

The Symphony G100 Android device with a build fingerprint of Symphony/G100/G100:8.1.0/O11019/1530618779:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app (versionCode=27, versionName=8.1.0) that allows any app co-located on the device to modify a system property through an exported interface without proper authorization.

Vulnerable Configurations

Part Description Count
OS
Symphony-Mobile
1
Hardware
Symphony-Mobile
1