Exploit Cybersecurity study of the dark web exposes vulnerability to machine identities -- ScienceDaily

Published on April 21st, 2019 📆 | 7661 Views ⚑

0

Google Android up to 9.0 libmpeg2 Remote Code Execution

CVSS Meta Temp Score Current Exploit Price (≈)
6.0 $5k-$25k

A vulnerability classified as critical has been found in Google Android up to 9.0 (Smartphone Operating System). Affected is an unknown function of the component libmpeg2. The manipulation with an unknown input leads to a privilege escalation vulnerability (Code Execution). CWE is classifying the issue as CWE-269. This is going to have an impact on confidentiality, integrity, and availability.

The weakness was released 04/19/2019. The advisory is available at source.android.com. This vulnerability is traded as CVE-2019-2028 since 12/10/2018. It is possible to launch the attack remotely. The exploitation doesn’t require any form of authentication. Successful exploitation requires user interaction by the victim. The technical details are unknown and an exploit is not available. The structure of the vulnerability defines a possible price range of USD $5k-$25k at the moment (estimation calculated on 04/20/2019). It is expected to see the exploit prices for this product increasing in the near future.

Applying a patch is able to eliminate this problem.

Entries connected to this vulnerability are available at 133864, 133865, 133867 and 133868.

Vendor

Name

VulDB Meta Base Score: 6.3
VulDB Meta Temp Score: 6.0

VulDB Base Score: 6.3
VulDB Temp Score: 6.0
VulDB Vector: ?
VulDB Reliability: ?


VulDB Base Score: ?
VulDB Temp Score: ?
VulDB Reliability: ?
Class: Privilege escalation / Code Execution (CWE-269)
Local: No
Remote: Yes

Availability: ?
Status: Not defined

Price Prediction: ?
Current Price Estimation: ?

Threat Intelligenceinfoedit

Threat: ?
Adversaries: ?
Geopolitics: ?
Economy: ?
Predictions: ?
Remediation: ?Recommended: Patch
Status: ?
0-Day Time: ?12/10/2018 CVE assigned
04/19/2019 +130 days Advisory disclosed
04/20/2019 +1 days VulDB entry created
04/20/2019 +0 days VulDB last updateAdvisory: source.android.com

CVE: CVE-2019-2028 (?)
scip Labs: https://www.scip.ch/en/?labs.20150917
See also: ?

Created: 04/20/2019 07:27 AM
Complete: ?

Comments

No comments yet. Please log in to comment.

See the underground prices here!

https://vuldb.com/?id.133866

Download WordPress Themes Free
Download Premium WordPress Themes Free
Download WordPress Themes
Download Premium WordPress Themes Free
udemy course download free

Tagged with:



Leave a Reply ✍


loading...