Trending CVEs for the Week of July 29th, 2019
CVE-2019-2107 – Android devices could be hacked by playing a video
This vulnerability could lead to remote code execution with no additional execution privileges needed. CVE-2019-2107 flaw is in the Android media framework, playing a specially-crafted video on devices with the Android’s native video player application could allow attackers to compromise them due to a dangerous critical remote code execution flaw.
Exploitation and Risk
Potentially an attacker could develop an exploit to remotely execute arbitrary code.
Google addressed the flaw in the July 2019 Android Security Advisor, however, millions of people still can be effected.