Vulnerability Details CVE-2019-16242
On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineering application named omamock that is vulnerable to OS command injection. An attacker with physical access to the device can abuse this vulnerability to execute arbitrary OS commands as the root user via the application's UI.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.3%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 7.2
References
- https://www.nccgroup.trust/uk/our-research/?research=Technical+advisories
- https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-alcatel-flip-2/
- https://www.nccgroup.trust/uk/our-research/?research=Technical+advisories
- https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-alcatel-flip-2/
Products affected by CVE-2019-16242
-
cpe:2.3:h:alcatelmobile:cingular_flip_2:-
-
cpe:2.3:o:alcatelmobile:cingular_flip_2_firmware:b9huah1