CVE-2019-1994
Summary
| CVE | CVE-2019-1994 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-02-28 17:29:00 UTC |
| Updated | 2020-08-24 17:37:00 UTC |
| Description | In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings accessible due to an insecure default value. This could lead to unwanted access to development settings, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-117770924. |
Risk And Classification
Problem Types: CWE-1188
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Android | 8.0 | All | All | All | |
| Operating System | Android | 8.1 | All | All | All | |
| Operating System | Android | 9.0 | All | All | All | |
| Operating System | Android | 8.0 | All | All | All | |
| Operating System | Android | 8.1 | All | All | All | |
| Operating System | Android | 9.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Google Android System Component Multiple Security Vulnerabilities | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Android Security Bulletin — February 2019 | Android Open Source Project | CONFIRM | source.android.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.