ASUS ASUS_X00K_1 Access Control Error Vulnerability

The ASUS ZenFone 3 Ultra is a smartphone from Asus ASUS of Taiwan, China. Asus ZenFone 3 Ultra build fingerprint: asus/WWPhone/ASUSA001:7.0/NRD90M/14.1010.1804.75-20180612: user/release-keys in the com.asus. An access control error vulnerability exists in the loguploaderproxy app. The vulnerabili...

CVE-2019-15397

The Asus ZenFone Max 4 Android device with a build fingerprint of asus/WWPhone/ASUSX00HD4:7.1.1/NMF26F/14.2016.1803.373-20180308:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app versionCode=1570000020, versionName=7.0.0.4170901 that allows other...

Command injection

The Asus ASUSA002 Android device with a build fingerprint of asus/WWASUSA002/ASUSA002:7.0/NRD90M/14.1600.1805.51-20180626:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app versionCode=1570000020, versionName=7.0.0.4170901 that allows other...

Command injection

The Asus ZenFone 3 Laser Android device with a build fingerprint of asus/WWmsm8937/msm8937:7.1.1/NMF26F/WW32.40.106.11420180928:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app versionCode=1570000020, versionName=7.0.0.4170901 that allows other...

CVE-2019-15412

The CVE-2019-15412 entry concerns the Asus ZenFone 4 Selfie. A pre-installed component, com.asus.loguploaderproxy (versionCode 1570000020, versionName 7.0.0.4_170901) exposes an accessible app component that can be used by other pre-installed apps to perform command execution. This capability is ...

CVE-2019-15412

The Asus ZenFone 4 Selfie Android device with a build fingerprint of asus/WWZ01M/ASUSZ01M1:7.1.1/NMF26F/WW71.50.395.5720180913:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app versionCode=1570000020, versionName=7.0.0.4170901 that allows other...

CVE-2019-15410

The CVE-2019-15410 entry concerns the Asus ZenFone 5Q (ASUS_X017D) with a pre-installed component com.asus.loguploaderproxy. The underlying issue enables other pre-installed apps to execute commands via an accessible app component, exploiting signatureOrSystem permissions shared among pre-install...

CVE-2019-15408

CVE-2019-15408 affects Asus ZenFone 5 Lite. A pre-installed app (com.asus.loguploaderproxy) exposes a component that allows other pre-installed apps to perform command execution, reachable by any app with signatureOrSystem permissions. Root cause: exported capability of a pre-installed app. Impac...

CVE-2019-15411

The Asus ZenFone 3 Laser Android device with a build fingerprint of asus/WWmsm8937/msm8937:7.1.1/NMF26F/WW32.40.106.11420180928:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app versionCode=1570000020, versionName=7.0.0.4170901 that allows other...