Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-15027

The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in platform/mt6577/external/meta/emmc/meta_clr_emmc.c invokes 'system("/system/bin/rm -r /data/' followed by this filename upon an eMMC clearance from a Meta Mode boot. NOTE: compromise of Fire OS on the Amazon Echo Dot would require a second hypothetical vulnerability that allows creation of the required file under /data.

Published

2019-08-14T13:15:11.187

Last Modified

2024-11-21T04:27:54.050

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

10.0

Impact Score

10.0

Weaknesses
  • Type: Primary
    CWE-78
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System mediatek mt8163_firmware - Yes
Hardware mediatek mt8163 - No
Operating System mediatek mt6625_firmware - Yes
Hardware mediatek mt6625 - No
Operating System mediatek mt6577_firmware - Yes
Hardware mediatek mt6577 - No
References