RSS   Vulnerabilities for 'Mt8163 firmware'   RSS

2019-08-14
 
CVE-2019-15027

CWE-77
 

 
The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in platform/mt6577/external/meta/emmc/meta_clr_emmc.c invokes 'system("/system/bin/rm -r /data/' followed by this filename upon an eMMC clearance from a Meta Mode boot. NOTE: compromise of Fire OS on the Amazon Echo Dot would require a second hypothetical vulnerability that allows creation of the required file under /data.

 

 >>> Vendor: Mediatek 5 Products
Awus036nh firmware
Mt6577 firmware
Mt6625 firmware
Mt8163 firmware
Linkit software development kit


Copyright 2024, cxsecurity.com

 

Back to Top