CVE-2019-15027
Severity CVSS v4.0:
Pending analysis
Type:
CWE-78
OS Command Injections
Publication date:
14/08/2019
Last modified:
24/08/2020
Description
The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in platform/mt6577/external/meta/emmc/meta_clr_emmc.c invokes 'system("/system/bin/rm -r /data/' followed by this filename upon an eMMC clearance from a Meta Mode boot. NOTE: compromise of Fire OS on the Amazon Echo Dot would require a second hypothetical vulnerability that allows creation of the required file under /data.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:mediatek:mt8163_firmware:-:*:*:*:*:android:*:* | ||
| cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:android:*:* | ||
| cpe:2.3:o:mediatek:mt6625_firmware:-:*:*:*:*:android:*:* | ||
| cpe:2.3:h:mediatek:mt6625:-:*:*:*:*:android:*:* | ||
| cpe:2.3:o:mediatek:mt6577_firmware:-:*:*:*:*:android:*:* | ||
| cpe:2.3:h:mediatek:mt6577:-:*:*:*:*:android:*:* |
To consult the complete list of CPE names with products and versions, see this page