Unauthenticated Root Shell Access and Covert Screen Data Capture Vulnerability in DTEN D5 and D7 Devices

Unauthenticated Root Shell Access and Covert Screen Data Capture Vulnerability in DTEN D5 and D7 Devices

CVE-2019-16273 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

DTEN D5 and D7 before 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge (adb), leading to arbitrary code execution and system administration. Also, this provides a covert ability to capture screen data from the Zoom Client on Windows by executing commands on the Android OS.

Learn more about our Cis Benchmark Audit For Google Android.