Unrated severityNVD Advisory· Published Aug 14, 2019· Updated Aug 5, 2024
CVE-2019-15027
CVE-2019-15027
Description
The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clear_emmc_nomedia_entry in platform/mt6577/external/meta/emmc/meta_clr_emmc.c invokes 'system("/system/bin/rm -r /data/' followed by this filename upon an eMMC clearance from a Meta Mode boot. NOTE: compromise of Fire OS on the Amazon Echo Dot would require a second hypothetical vulnerability that allows creation of the required file under /data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- MediaTek/Embedded Multimedia Card (eMMC) subsystem for Androiddescription
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.