CVE-2019-1994


02/28/2019

CVE-2019-1994

In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings accessible due to an insecure default value. This could lead to unwanted access to development settings, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-117770924.

Attack vector: 
Network

Product: 

  • google: android
  • google: android
  • google: android

References: 
https://source.android.com/security/bulletin/2019-02-01

Severity: 
High

CVSS Score: 
9.3

CVSS Vector: 
(AV:N/AC:M/Au:N/C:C/I:C/A:C)



Don't forget to share

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *