On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the application's UI.
References
Link | Resource |
---|---|
https://www.nccgroup.trust/uk/our-research/?research=Technical+advisories | Third Party Advisory |
https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-alcatel-flip-2/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-11-26T15:30:15
Updated: 2019-11-26T15:30:15
Reserved: 2019-09-11T00:00:00
Link: CVE-2019-16242
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-11-26T16:15:12.370
Modified: 2019-12-10T17:11:16.377
Link: CVE-2019-16242
JSON object: View
Redhat Information
No data.
CWE