43 matches found
CVE-2018-14997
The Leagoo P1 Android device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains the android framework i.e., systemserver with a package name of android that has been modified by Leagoo or another entity in the supply chain. The systemserv...
EUVD-2019-6364
Malware in sbrugna...
EUVD-2018-6866
Malware in sbrugna...
EUVD-2018-6867
Malware in sbrugna...
EUVD-2018-6879
Malware in sbrugna...
EUVD-2018-6881
Malware in sbrugna...
EUVD-2018-6880
Malware in sbrugna...
EUVD-2018-6868
Malware in sbrugna...
CVE-2019-15363
The Leagoo Power 5 Android device with a build fingerprint of LEAGOO/Power5/Power5:8.1.0/O11019/1532686195:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a...
CVE-2018-14999
The Leagoo P1 device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.wtk.factory versionCode=1, versionName=1.0 that contains an exported broadcast receiver named...
CVE-2019-15363
The Leagoo Power 5 Android device with a build fingerprint of LEAGOO/Power5/Power5:8.1.0/O11019/1532686195:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a...
Authorization
The Leagoo Power 5 Android device with a build fingerprint of LEAGOO/Power5/Power5:8.1.0/O11019/1532686195:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a...
CVE-2019-15363
The Leagoo Power 5 Android device with a build fingerprint of LEAGOO/Power5/Power5:8.1.0/O11019/1532686195:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a...
CVE-2019-15363
CVE-2019-15363 affects the Leagoo Power 5 Android device (build fingerprint LEAGOO/Power_5/Power_5:8.1.0/O11019/1532686195:user/release-keys). A pre-installed app with package name com.mediatek.wfo.impl (versionCode 27, versionName 8.1.0) exposes an interface that allows any co-located app to mod...
CVE-2018-14999
The Leagoo P1 device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.wtk.factory versionCode=1, versionName=1.0 that contains an exported broadcast receiver named...
CVE-2018-14997
The Leagoo P1 Android device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains the android framework i.e., systemserver with a package name of android that has been modified by Leagoo or another entity in the supply chain. The systemserv...
Design/Logic Flaw
The Leagoo P1 device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.wtk.factory versionCode=1, versionName=1.0 that contains an exported broadcast receiver named...
Authentication flaw
The Leagoo P1 Android device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains the android framework i.e., systemserver with a package name of android that has been modified by Leagoo or another entity in the supply chain. The systemserv...
CVE-2018-14999
The CVE-2018-14999 entry describes a vulnerability in the Leagoo P1 where a pre-installed platform app com.wtk.factory contains an exported broadcast receiver (MMITestReceiver) that lets any co-located app trigger a factory reset without permissions. This could wipe all user data and apps on the ...
CVE-2018-14999
The Leagoo P1 device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.wtk.factory versionCode=1, versionName=1.0 that contains an exported broadcast receiver named...