Main Vulnerability Database SB2019080641

SB2019080641 - Improper access control in nVidia SHIELD TV

Published: August 6, 2019 Updated: August 7, 2019

Security Bulletin ID SB2019080641

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper access control (CVE-ID: CVE-2019-5682)

The vulnerability allows a local attacker to gain unauthorized access to sensitive information.

The vulnerability exists due to improper access restrictions in the Games App where it improperly exports an Activity but does not properly restrict which applications can launch the Activity. A local authenticated attacker can gain unauthorized access to the application.

This vulnerability may lead to code execution or denial of service.

Remediation

Install update from vendor's website.

References

https://nvidia.custhelp.com/app/answers/detail/a_id/4804