CVE-2019-1994

2019-02-2817:00:00

google_android

www.cve.org

AI Score

8.3

Confidence

High

EPSS

0.002

Percentile

55.0%

JSON

In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings accessible due to an insecure default value. This could lead to unwanted access to development settings, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-117770924.

CNA Affected

[
  {
    "product": "Android",
    "vendor": "Android",
    "versions": [
      {
        "status": "affected",
        "version": "Android-8.0 Android-8.1 Android-9"
      }
    ]
  }
]

References

www.securityfocus.com/bid/106946

source.android.com/security/bulletin/2019-02-01