CVE-2019-15415 in Redmi 5
Summary
by MITRE
The Xiaomi Redmi 5 Android device with a build fingerprint of xiaomi/vince/vince:7.1.2/N2G47H/V9.5.4.0.NEGMIFA:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app (versionCode=1, versionName=QL1711_201803291645) that allows unauthorized wireless settings modification via a confused deputy attack. This capability can be accessed by any app co-located on the device.
Analysis
by VulDB Data Team • 02/20/2024
CVE-2019-15415 is an improper access control flaw in a pre-installed factory-test application on the Xiaomi Redmi 5. The application, com.huaqin.factory, ships as part of the firmware and holds the system-level capability needed to change the device's wireless settings. Because it exposes that capability to other apps without checking who is asking, it behaves as a confused deputy: any application installed on the same device can have it modify wireless settings on the caller's behalf, with no user interaction and no special permissions of its own.
The confused deputy pattern here is the usual Android one. A privileged app exposes an application component (an activity, service, broadcast receiver or content provider) that other packages can reach, typically because the component is marked android:exported="true" or, on the API levels this firmware targets, because it declares an intent filter and omits the exported attribute, which makes it exported by default. When such a component performs a privileged action based on the data it receives and does not guard itself with a permission or a caller check, the calling app does not need to forge anything: it simply sends the request, and the factory app carries it out using its own privileges. The vulnerability affects devices with the build fingerprint xiaomi/vince/vince:7.1.2/N2G47H/V9.5.4.0.NEGMIFA and the factory app at versionCode 1, versionName QL1711_201803291645. The defect is in the application, not in the Android permission model itself: the platform provides the controls (a signature-level android:permission on the component, android:exported="false", or verifying the caller before acting), and the app does not apply them, so the principle of least privilege is violated at the app boundary.
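One practical check a reviewer can run against any pre-installed app is to decode the APK (for example with apktool, which writes a plain-XML AndroidManifest.xml) and list the components that other apps can invoke without holding a permission. The script below is an added example written for this page, not code from VulDB or from the Xiaomi firmware. The manifest embedded in it is constructed to show the pattern and is not the real manifest of com.huaqin.factory; every package, component and action name in it is made up. It applies the pre-Android-12 rule that a component with an intent filter is exported unless android:exported says otherwise.

```python
"""Audit a decoded AndroidManifest.xml for components any co-located app can reach.

Added example for illustration. SAMPLE_MANIFEST below is constructed and is NOT
the manifest of com.huaqin.factory; all names in it are hypothetical. Run the
script with the path to an apktool-decoded AndroidManifest.xml to audit a real app.
"""
import sys
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
COMPONENT_TAGS = ("activity", "activity-alias", "service", "receiver", "provider")

# Constructed sample. The first receiver has the confused-deputy shape: it holds a
# privileged capability, is implicitly exported via its intent filter, and sets no
# permission. The second is exported but gated by a signature permission, the
# service is explicitly not exported, and the provider is exported unprotected.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.factorytest">
  <uses-permission android:name="android.permission.CHANGE_WIFI_STATE"/>
  <permission android:name="com.example.factorytest.SIGNATURE_ONLY"
      android:protectionLevel="signature"/>
  <application android:label="factorytest">
    <receiver android:name=".WirelessSettingsReceiver">
      <intent-filter>
        <action android:name="com.example.factorytest.SET_WIRELESS"/>
      </intent-filter>
    </receiver>
    <receiver android:name=".ProtectedReceiver"
        android:exported="true"
        android:permission="com.example.factorytest.SIGNATURE_ONLY">
      <intent-filter>
        <action android:name="com.example.factorytest.SET_WIRELESS_PROTECTED"/>
      </intent-filter>
    </receiver>
    <service android:name=".InternalService" android:exported="false">
      <intent-filter>
        <action android:name="com.example.factorytest.INTERNAL"/>
      </intent-filter>
    </service>
    <provider android:name=".ConfigProvider"
        android:authorities="com.example.factorytest.config"
        android:exported="true"/>
  </application>
</manifest>
"""


def attr(elem, name):
    """Read an attribute from the android: namespace (None if absent)."""
    return elem.get(f"{{{ANDROID_NS}}}{name}")


def is_exported(elem):
    """Pre-API-31 rule: an explicit android:exported wins; otherwise a component
    that declares at least one <intent-filter> is exported by default."""
    explicit = attr(elem, "exported")
    if explicit is not None:
        return explicit.lower() == "true"
    return elem.find("intent-filter") is not None


def is_protected(elem):
    """A component is gated if it requires android:permission. A provider may
    instead use read/write permissions, and needs both to be fully covered."""
    if attr(elem, "permission"):
        return True
    if elem.tag == "provider":
        return bool(attr(elem, "readPermission")) and bool(attr(elem, "writePermission"))
    return False


def find_unprotected_exports(manifest_xml):
    """Return (tag, name, actions) for every exported component with no permission
    gate. Each one is callable by any app on the device, which is exactly the
    entry point a confused deputy attack needs."""
    root = ET.fromstring(manifest_xml)
    app = root.find("application")
    findings = []
    if app is None:
        return findings
    for elem in app:
        if elem.tag not in COMPONENT_TAGS:
            continue
        if not is_exported(elem) or is_protected(elem):
            continue
        actions = [attr(a, "name")
                   for f in elem.findall("intent-filter")
                   for a in f.findall("action")]
        findings.append((elem.tag, attr(elem, "name"), actions))
    return findings


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            xml_text = fh.read()
    else:
        xml_text = SAMPLE_MANIFEST
    for tag, name, actions in find_unprotected_exports(xml_text):
        print(f"{tag} {name}: exported without a permission gate; actions={actions}")
```

On the sample the script flags .WirelessSettingsReceiver and .ConfigProvider and stays silent on the permission-gated receiver and the non-exported service. A flagged component is not automatically a vulnerability; the next step is to read what it does with the data it receives and whether it checks the caller itself, but an exported, unprotected component that wraps a privileged action is the shape this CVE describes.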
Operationally, the impact is that a malicious or compromised app installed alongside the factory app can change the device's wireless settings without the user's consent or knowledge. The source description does not spell out which settings are reachable, so the concrete consequences depend on what the exposed component controls; changing a device's network configuration is a plausible first step toward interfering with its connectivity or steering its traffic. What makes the weakness notable is the low bar for exploitation: no root, no dangerous permission grant and no user interaction are required, only the ability to get an app onto the device, for example through sideloading or a malicious app in a store. This contradicts the expectation that system-level configuration changes require explicit user consent.
The weakness aligns with CWE-284 (Improper Access Control). VulDB also maps it to the ATT&CK techniques T1068 (Exploitation for Privilege Escalation) and T1546 (Event Triggered Execution); the first describes the attack directly, since the attacker gains a capability normally reserved for system components. Mitigation options on an unrooted consumer device are limited. The preferred fix is a firmware update from Xiaomi that corrects or removes the application. Where no update is available, the package can usually be disabled for the primary user over adb with the command pm disable-user --user 0 com.huaqin.factory, which stops other apps from reaching its components at the cost of whatever factory-test functionality it provides; in the meantime the device should carry only trusted apps, since any installed app is a potential attacker. Organizations managing fleets of these devices can enforce that through a device-management policy that restricts app installation to approved sources, and can treat unexpected changes to wireless configuration as a detection signal.