CVE-2019-12762

Published Jun 6, 2019

Last updated a year ago

Overview

Description: Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 4.2
Impact score: 3.6
Exploitability score: 0.5
Vector string: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 1.9
Impact score: 2.9
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mi:mi_5s_plus_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0D0C125-DF98-4616-9957-16F9F4A37DFA"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mi:mi_5s_plus:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C2C8D05B-B851-41BD-A0C7-ED4B47A4CAA1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sony:xperia_z4_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2BE6C7CA-1A0A-46D1-8807-476E8014F5C0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:sony:xperia_z4:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AB52A381-4094-483C-BC6F-01E81BB2D3C3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:samsung:galaxy_s6_edge_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7D8A184-3F01-49A1-98BE-B735296383B1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:samsung:galaxy_s6_edge:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "64C60E27-871F-4B77-87A5-9F9F20DCA2D3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:samsung:galaxy_s4_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5612A23E-43B3-4B13-89C1-6178C1737DAB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "717D895C-E64D-4E0E-9F4A-9B191E6388B6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:google:nexus_7_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "183D2632-2F2A-4B17-9617-92509C31B702"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:google:nexus_7:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "12357E84-6FAE-4C6B-8FD3-BD5457DBBBCE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:google:nexus_9_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "852FB43E-072C-4C96-ABEF-6F15E4F3C0F3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1018566D-5DBE-44BD-BA05-1F6A6375C32F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sharp:aquos_zeta_sh-04f_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16E64A2E-16CB-4301-8A7C-F3765EF2B7BE"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:sharp:aquos_zeta_sh-04f:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2D5DC700-E8CB-4A19-B704-5384ED7D3697"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CDA25A7-839A-4870-8DE6-D2B0D2405F37"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "99C8B1DE-1EA8-405F-9D4E-5F6D96F4B6D4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References