Threat Analysis Unit (TAU) Threat Intelligence Notification: Estemani Ransomware

Estemani Ransomware’s behavior is similar to other variants of ransomware. It will perform task kill on processes to ensure the encryption of files such as database program SQL server, perform the deletion of volume shadow copies, and disable Windows automatic startup repair to ensure all the dat...

Xiaomi Redmi Note 6 Pro Access Control Error Vulnerability

Xiaomi Redmi Note 6 Pro is a smartphone from Chinese company Xiaomi Technology Xiaomi. The Xiaomi Redmi Note 6 Pro build fingerprint: xiaomi/tulip/tulip:8.1.0/OPM1.171019.011/V10.2.2.0.OEKMIXM:user/release-keys contains a vulnerability in the com.qualcomm. qti.callenhancement app is vulnerable to...

Infinix Note 5 Access Control Error Vulnerability

Infinix Note 5 is a smartphone from the Chinese company Transn Infinix. The Infinix Note 5 build fingerprint: Infinix/H633IJL/Infinix-X604sprout:8.1.0/O11019/IJL-180531V181:user/release-keys contains an access control error in the com.mediatek.wfo An access control error vulnerability exists in t...

UBUNTU-CVE-2019-19065

A memory leak in the sdmainit function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service memory consumption by triggering rhashtableinit failures, aka CID-34b3be18a04e. NOTE: This has been disputed as not a vulnerability because...

CVE-2019-15470

The Xiaomi Redmi Note 6 Pro Android device with a build fingerprint of xiaomi/tulip/tulip:8.1.0/OPM1.171019.011/V10.2.2.0.OEKMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=27, versionName=8.1.0 that allows other...

CVE-2019-15428

The Xiaomi Mi Note 2 Android device with a build fingerprint of Xiaomi/scorpio/scorpio:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app versionCode=40000, versionName=4.0.00 that allows unauthorized wireless settings modification vi...

CVE-2019-15385

The Infinix Note 5 Android device with a build fingerprint of Infinix/H633B/Infinix-X604sprout:8.1.0/O11019/L-IN-180206V64:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device...

CVE-2019-15366

The Infinix Note 5 Android device with a build fingerprint of Infinix/H633IJL/Infinix-X604sprout:8.1.0/O11019/IJL-180531V181:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the devi...

CVE-2019-15361

The Infinix Note 5 Android device with a build fingerprint of Infinix/H632C/Infinix-X605sprout:8.1.0/O11019/CE-180914V59:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device t...

Authorization

The Infinix Note 5 Android device with a build fingerprint of Infinix/H632C/Infinix-X605sprout:8.1.0/O11019/CE-180914V59:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device t...

Authorization

The Infinix Note 5 Android device with a build fingerprint of Infinix/H633IJL/Infinix-X604sprout:8.1.0/O11019/IJL-180531V181:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the devi...

Authorization

The Infinix Note 5 Android device with a build fingerprint of Infinix/H633B/Infinix-X604sprout:8.1.0/O11019/L-IN-180206V64:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device...

Design/Logic Flaw

The Xiaomi Mi Note 2 Android device with a build fingerprint of Xiaomi/scorpio/scorpio:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app versionCode=40000, versionName=4.0.00 that allows unauthorized wireless settings modification vi...

Design/Logic Flaw

The Xiaomi Redmi Note 6 Pro Android device with a build fingerprint of xiaomi/tulip/tulip:8.1.0/OPM1.171019.011/V10.2.2.0.OEKMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=27, versionName=8.1.0 that allows other...

CVE-2019-15470

The Xiaomi Redmi Note 6 Pro Android device with a build fingerprint of xiaomi/tulip/tulip:8.1.0/OPM1.171019.011/V10.2.2.0.OEKMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=27, versionName=8.1.0 that allows other...

CVE-2019-15470

CVE-2019-15470 involves a pre-installed component on Xiaomi Redmi Note 6 Pro (build tulip 8.1.0) named com.qualcomm.qti.callenhancement. The issue arises because this app exposes an interface that allows other pre-installed apps to perform microphone audio recording via components accessible to a...

CVE-2019-15428

The Xiaomi Mi Note 2 Android device with a build fingerprint of Xiaomi/scorpio/scorpio:6.0.1/MXB48T/7.1.5:user/release-keys contains a pre-installed app with a package name of com.miui.powerkeeper app versionCode=40000, versionName=4.0.00 that allows unauthorized wireless settings modification vi...

CVE-2019-15428

The CVE-2019-15428 entry refers to a vulnerability in the Xiaomi Mi Note 2 where a pre-installed app (com.miui.powerkeeper, versionCode 40000, versionName 4.0.00) enables unauthorized wireless settings modification via a confused deputy attack. Affected device builds are Xiaomi/scorpio/scorpio:6....

CVE-2019-15385

The Infinix Note 5 Android device with a build fingerprint of Infinix/H633B/Infinix-X604sprout:8.1.0/O11019/L-IN-180206V64:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device...

CVE-2019-15385

The CVE-2019-15385 issue affects the Infinix Note 5 running Android, where a pre-installed app (package com.mediatek.wfo.impl, versionCode 27, versionName 8.1.0) exposes an exported interface that allows any co-located app to modify a system property without proper authorization. This is tied to ...