Xiaomi MI A2 Lite Firmware
Approved changes feed: RSS · Atom
cpe:2.3:o:mi:a2_lite_firmware:-:*:*:*:*:*:*:*
part: o version: - update: *
| Vendor | Mi (60a5be67-ae7d-588b-8dcf-30a3da19041f) |
|---|---|
| Product | A2 Lite Firmware (eed299c2-05f4-5c83-ba97-40b71a303b55) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-15473 |
vulnerable | 2026-06-08 05:12:57.456110 |
Details available
The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/jasmine/jasmine_sprout:9/PKQ1.180904.001/V10.0.2.0.PDIMIFJ:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=28, versionName=9) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record telephone calls to external storage.
Published: 2019-11-14T16:27:50.000Z
Updated: 2024-08-05T00:49:13.510Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-15472 |
vulnerable | 2026-06-08 05:12:57.455760 |
Details available
The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisy_sprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app (versionCode=28, versionName=9) that allows unauthorized microphone audio recording via a confused deputy attack. This capability can be accessed by any app co-located on the device. This app allows a third-party app to use its open interface to record telephone calls to external storage.
Published: 2019-11-14T16:27:48.000Z
Updated: 2024-08-05T00:49:13.266Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-15468 |
vulnerable | 2026-06-08 05:12:57.450744 |
Details available
The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisy_sprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1715_201812071953) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.
Published: 2019-11-14T16:27:43.000Z
Updated: 2024-08-05T00:49:13.507Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.