Lucene search

[email protected]NVD:CVE-2019-12762

HistoryJun 06, 2019 - 8:29 p.m.

CVE-2019-12762

2019-06-0620:29:02

[email protected]

web.nvd.nist.gov

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

CVSS3

4.2

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

4.6

Confidence

High

EPSS

Percentile

13.2%

JSON

Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch.

Affected configurations

Nvd

Node

mimi_5s_plus_firmwareMatch-

AND

mimi_5s_plusMatch-

Node

sonyxperia_z4_firmwareMatch-

AND

sonyxperia_z4Match-

Node

samsunggalaxy_s6_edge_firmwareMatch-

AND

samsunggalaxy_s6_edgeMatch-

Node

samsunggalaxy_s4_firmwareMatch-

AND

samsunggalaxy_s4Match-

Node

googlenexus_7_firmwareMatch-

AND

googlenexus_7Match-

Node

googlenexus_9_firmwareMatch-

AND

googlenexus_9Match-

Node

sharpaquos_zeta_sh-04f_firmwareMatch-

AND

sharpaquos_zeta_sh-04fMatch-

Node

fujitsuarrows_nx_f05-f_firmwareMatch-

AND

fujitsuarrows_nx_f05-fMatch-

VendorProductVersionCPE
mimi_5s_plus_firmware-cpe:2.3:o:mi:mi_5s_plus_firmware:-:*:*:*:*:*:*:*
mimi_5s_plus-cpe:2.3:h:mi:mi_5s_plus:-:*:*:*:*:*:*:*
sonyxperia_z4_firmware-cpe:2.3:o:sony:xperia_z4_firmware:-:*:*:*:*:*:*:*
sonyxperia_z4-cpe:2.3:h:sony:xperia_z4:-:*:*:*:*:*:*:*
samsunggalaxy_s6_edge_firmware-cpe:2.3:o:samsung:galaxy_s6_edge_firmware:-:*:*:*:*:*:*:*
samsunggalaxy_s6_edge-cpe:2.3:h:samsung:galaxy_s6_edge:-:*:*:*:*:*:*:*
samsunggalaxy_s4_firmware-cpe:2.3:o:samsung:galaxy_s4_firmware:-:*:*:*:*:*:*:*
samsunggalaxy_s4-cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*
googlenexus_7_firmware-cpe:2.3:o:google:nexus_7_firmware:-:*:*:*:*:*:*:*
googlenexus_7-cpe:2.3:h:google:nexus_7:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mi	mi_5s_plus_firmware	-	cpe:2.3:o:mi:mi_5s_plus_firmware:-:::::::*
mi	mi_5s_plus	-	cpe:2.3:h:mi:mi_5s_plus:-:::::::*
sony	xperia_z4_firmware	-	cpe:2.3:o:sony:xperia_z4_firmware:-:::::::*
sony	xperia_z4	-	cpe:2.3:h:sony:xperia_z4:-:::::::*
samsung	galaxy_s6_edge_firmware	-	cpe:2.3:o:samsung:galaxy_s6_edge_firmware:-:::::::*
samsung	galaxy_s6_edge	-	cpe:2.3:h:samsung:galaxy_s6_edge:-:::::::*
samsung	galaxy_s4_firmware	-	cpe:2.3:o:samsung:galaxy_s4_firmware:-:::::::*
samsung	galaxy_s4	-	cpe:2.3:h:samsung:galaxy_s4:-:::::::*
google	nexus_7_firmware	-	cpe:2.3:o:google:nexus_7_firmware:-:::::::*
google	nexus_7	-	cpe:2.3:h:google:nexus_7:-:::::::*

Rows per page:

1-10 of 161

References

hackercombat.com/nfc-vulnerability-may-promote-ghost-screen-taps/

medium.com/%40juliodellaflora/ghost-touch-on-xiaomi-mi5s-plus-707998308607

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

CVSS3

4.2

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

4.6

Confidence

High

EPSS

Percentile

13.2%

JSON

Related for NVD:CVE-2019-12762

cve1 cvelist1 prion1