CVE-2019-2196

MEDIUM

Android 8.0, 8.1, 9, 10 - SQL Injection

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-2196. PoCs published by IOActive.

AI-analyzed exploit summary: This repository contains a functional PoC exploit for CVE-2019-2196, demonstrating SQL injection in Android's Download Provider via the sort parameter. The exploit dumps sensitive data from the downloads database by leveraging blind SQL injection techniques.

Description

In Download Provider, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Product: Android
Versions: Android-8.0 Android-8.1 Android-9 Android-10
Android ID: A-135269143

Exploits (1)

nomisec WORKING POC 2 stars
by IOActive · poc
https://github.com/IOActive/AOSP-DownloadProviderDbDumperSQLiLimit

Classification: Working PoC 95%
Attack Type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: Android (AOSP) Download Provider
No auth needed
Prerequisites: Access to an affected Android device or emulator
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3 5.5
EPSS 0.0040
EPSS Percentile 32.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE CWE-89
Status published
Products (4)
google/android 8.0
google/android 8.1
google/android 9.0
google/android 10.0
Published Nov 13, 2019
Tracked Since Feb 18, 2026