cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-15414,https://securityvulnerability.io/vulnerability/CVE-2019-15414,Command Injection Vulnerability in Asus ZenFone AR by Asus,"The Asus ZenFone AR Android device is impacted by a command injection vulnerability due to a pre-installed application, com.asus.splendidcommandagent. This app permits other pre-installed applications to execute commands through an exposed app component. Any other pre-installed app with the requisite signature or system permissions can exploit this vulnerability, enabling unauthorized access and execution of commands. This poses significant security risks if malicious apps gain access to this capability, potentially compromising user data and device integrity. Organizations and users must update their devices to mitigate potential threats.",Asus,Zenfone Ar Firmware,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-11-14T16:26:23.000Z,0
CVE-2019-15402,https://securityvulnerability.io/vulnerability/CVE-2019-15402,Command Execution Vulnerability in Asus Android Device,"The Asus ASUS_A002_2 Android device is susceptible to a command execution vulnerability due to a pre-installed app, com.asus.loguploaderproxy, allowing other pre-installed apps to gain unauthorized access to its functionalities. This vulnerability arises when any pre-installed app that has signature or system privileges can exploit the exported capabilities of other pre-installed apps. Consequently, this could lead to potential malicious activities within the device, emphasizing the importance of timely security updates and vulnerability management for users.",Asus,Zenfone Ar Firmware,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-11-14T16:26:06.000Z,0
CVE-2019-15401,https://securityvulnerability.io/vulnerability/CVE-2019-15401,Command Execution Vulnerability in Asus Android Device,"The Asus ASUS_A002 Android device contains a pre-installed application that exposes a significant security risk by allowing unauthorized command execution. Specifically, the app, identified as com.asus.loguploaderproxy, can be exploited by any other pre-installed application with sufficient permissions. This vulnerability arises from the export of app component capabilities, enabling malicious pre-installed apps to perform actions unexpectedly on behalf of users. It highlights the importance of app isolation and stringent permissions for maintaining device security.",Asus,Zenfone Ar Firmware,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-11-14T16:26:05.000Z,0