Design/Logic Flaw

The Lava Z61 Turbo Android device with a build fingerprint of LAVA/Z61Turbo/Z61Turbo:8.1.0/O11019/1536917928:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app versionCode=400, versionName=v4.0.31 that allows any app co-located on the device to...

Authorization

The BQ 5515L Android device with a build fingerprint of BQru/BQru-5515L/BQru-5515L:8.1.0/O11019/20180409.195525:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify ...

Authorization

The Lava Z60s Android device with a build fingerprint of LAVA/Z60s/Z60s:8.1.0/O11019/1530331229:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a system propert...

Code injection

The Samsung J7 Neo Android device with a build fingerprint of samsung/j7velteub/j7velte:8.1.0/M1AJQ/J701MUBS6BSB4:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app versionCode=7000100, versionName=7.0.1.0 that allows other pre-installed apps...

Design/Logic Flaw

The Lava Iris 88 Lite Android device with a build fingerprint of LAVA/iris88lite/iris88lite:8.1.0/O11019/1536323070:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app versionCode=400, versionName=v4.0.27 that allows any app co-located on the devic...

Input validation

The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...

Design/Logic Flaw

The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiaomi/sakuraindia/sakuraindia:8.1.0/OPM1.171019.019/V9.6.4.0.ODMMIFD:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app versionCode=1, versionName=QL1715201805292006 that allows any app...

Design/Logic Flaw

The Lava Z92 Android device with a build fingerprint of LAVA/Z92/Z92:8.1.0/O11019/1535088037:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app versionCode=400, versionName=v4.0.27 that allows any app co-located on the device to programmatically...

Design/Logic Flaw

The Lava Z60s Android device with a build fingerprint of LAVA/Z60s/Z60s:8.1.0/O11019/1530331229:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app versionCode=400, versionName=v4.0.27 that allows any app co-located on the device to programmaticall...

Authorization

The Coolpad N3C Android device with a build fingerprint of Coolpad/N3C/N3C:8.1.0/O11019/1538236809:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a system...

Authorization

The Hisense U965 Android device with a build fingerprint of Hisense/U9654G10/HS6739MT:8.1.0/O11019/HisenseU9654G10S01:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to...

Authorization

The Lava Z92 Android device with a build fingerprint of LAVA/Z92/Z92:8.1.0/O11019/1535088037:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a system property...

Authorization

The Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify...

Authorization

The Dexp Z250 Android device with a build fingerprint of DEXP/Z250/Z250:8.1.0/O11019/1531130719:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a system propert...

Authorization

The Ulefone Armor 5 Android device with a build fingerprint of Ulefone/UlefoneArmor5/UlefoneArmor5:8.1.0/O11019/1528806701:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device...

Authorization

The Advan i6A Android device with a build fingerprint of ADVAN/i6A/i6A:8.1.0/O11019/1523602705:userdebug/test-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a system proper...

Authorization

The Lava Z61 Turbo Android device with a build fingerprint of LAVA/Z61Turbo/Z61Turbo:8.1.0/O11019/1536917928:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a...

Authorization

The Panasonic Eluga Ray 600 Android device with a build fingerprint of Panasonic/ELUGARay600/ELUGARay600:8.1.0/O11019/1532692680:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the...

Authorization

The Elephone A4 Android device with a build fingerprint of Elephone/A4/A4:8.1.0/O11019/20180530.143559:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a system...

Authorization

The Infinix Note 5 Android device with a build fingerprint of Infinix/H633B/Infinix-X604sprout:8.1.0/O11019/L-IN-180206V64:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device...