Tecno Spark Pro Firmware
Approved changes feed: RSS · Atom
cpe:2.3:o:tecno:spark_pro_firmware:-:*:*:*:*:*:*:*
part: o version: - update: *
| Vendor | Tecno (6b746d30-5c53-51a4-a61c-914cbfe53e0e) |
|---|---|
| Product | Spark Pro Firmware (e6b76b69-f149-5ffd-94a1-acd6e536adea) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-15417 |
vulnerable | 2026-06-03 14:39:47.678591 |
Details available
The Tecno Spark Pro Android device with a build fingerprint of TECNO/H3722/TECNO-K8:7.0/NRD90M/K8-H3722ABCDE-N-171229V96:user/release-keys contains a pre-installed app with a package name of com.lovelyfont.defcontainer app (versionCode=7, versionName=7.0.5) that allows unauthorized dynamic code loading via a confused deputy attack. This capability can be accessed by any app co-located on the device.
Published: 2019-11-14T16:26:27.000Z
Updated: 2024-08-05T00:49:12.865Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.