1 results (0.002 seconds)
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-15743
https://notcve.org/view.php?id=CVE-2019-15743
14 Nov 2019 — The Sony Xperia Touch Android device with a build fingerprint of Sony/blanc_windy/blanc_windy:7.0/LOIRE-SMART-BLANC-1.0.0-170530-0834/1:user/dev-keys contains a pre-installed app with a package name of com.sonymobile.android.maintenancetool.testmic app (versionCode=24, versionName=7.0) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record audi... • https://www.kryptowire.com/android-firmware-2019 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •