CVE-2019-16253
HIGHSamsungTTS <3.0.02.7 & 3.0.00.101 - Privilege Escalation
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2019-16253. PoCs published by k0mraid3.
AI-analyzed exploit summary This repository provides a functional exploit for CVE-2019-16253, leveraging a privilege escalation vulnerability in Samsung's TTS engine. The exploit involves downgrading the TTS app to a vulnerable version and executing arbitrary code with system privileges (UID 1000) via a crafted APK and ADB commands.
Description
The Text-to-speech Engine (aka SamsungTTS) application before 3.0.02.7 and 3.0.00.101 for Android allows a local attacker to escalate privileges, e.g., to system privileges. The Samsung case ID is 101755.
Exploits (1)
This repository provides a functional exploit for CVE-2019-16253, leveraging a privilege escalation vulnerability in Samsung's TTS engine. The exploit involves downgrading the TTS app to a vulnerable version and executing arbitrary code with system privileges (UID 1000) via a crafted APK and ADB commands.
References (3)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H