Plataforma
android
Componente
com.bluecats.bcreveal
Corrigido em
3.0.20
CVE-2019-5626 affects BlueCats Reveal, an Android mobile application, prior to version 3.0.19. This vulnerability allows an attacker to access usernames and passwords stored in a cleartext file on the device. This can lead to unauthorized access and potential compromise of the BlueCats network implementation. Affected versions are those before 3.0.19, and the issue is resolved with an upgrade to version 3.0.19.
The primary impact of CVE-2019-5626 is the exposure of sensitive network credentials. An attacker who gains physical access to an Android device running a vulnerable version of BlueCats Reveal, or successfully installs a malicious application, can locate and extract this cleartext file. This allows them to authenticate to the BlueCats network, potentially gaining control over connected devices and accessing sensitive data managed by the network. The blast radius extends to any data or systems accessible through the compromised BlueCats network, depending on the network's configuration and permissions.
CVE-2019-5626 is not listed on the CISA KEV catalog. Public proof-of-concept exploits are not widely available, suggesting a low probability of active exploitation. The vulnerability was publicly disclosed on May 22, 2019. Given the requirement for physical device access, exploitation is likely to be targeted and opportunistic rather than widespread.
Organizations utilizing BlueCats Reveal for location-based services and asset tracking are at risk, particularly those with mobile deployments where devices are potentially exposed to physical theft or unauthorized access. Shared devices or Bring Your Own Device (BYOD) environments increase the risk profile.
• android / mobile:
# Check for BlueCats Reveal app installation
Get-AppxPackage -Name BlueCats.Reveal | Select-Object Name• android / mobile:
# Check file permissions for potential cleartext storage locations (example - adjust path as needed)
ls -l /sdcard/BlueCats/credentials.txt• android / mobile: Use a mobile device security scanner to check for cleartext storage of sensitive data within the BlueCats Reveal application's data directory.
disclosure
Status do Exploit
EPSS
0.06% (percentil 18%)
Vetor CVSS
The primary mitigation for CVE-2019-5626 is to upgrade BlueCats Reveal to version 3.0.19 or later. This version addresses the cleartext storage issue. If immediate upgrading is not possible, consider implementing device access controls to limit physical access to devices running the vulnerable application. While a WAF or proxy cannot directly mitigate this vulnerability (as it's a local storage issue), enforcing strong device passcode policies and mobile device management (MDM) solutions can reduce the risk of unauthorized access. After upgrading, verify the fix by confirming that the credentials are no longer stored in cleartext on the device.
Atualize o aplicativo BlueCats Reveal para a versão 3.0.19 ou posterior a partir da loja de aplicativos do Android. Esta versão corrige o armazenamento inseguro de credenciais em texto simples. Se não puder atualizar imediatamente, considere desinstalar o aplicativo até que possa instalar a versão corrigida.
Análise de vulnerabilidades e alertas críticos diretamente no seu e-mail.
CVE-2019-5626 is a vulnerability in BlueCats Reveal versions before 3.0.19 that allows usernames and passwords to be stored in cleartext on Android devices, potentially leading to network compromise.
You are affected if you are using BlueCats Reveal versions prior to 3.0.19 on Android devices. Check your application version to determine your risk level.
Upgrade BlueCats Reveal to version 3.0.19 or later to resolve the cleartext storage issue. Implement device access controls as an interim measure.
There is no widespread evidence of active exploitation, but the vulnerability remains a risk if devices are not updated.
Refer to the BlueCats security advisory for details and further information: [https://www.bluecats.com/security-advisory/](https://www.bluecats.com/security-advisory/)
Envie seu arquivo de dependências e descubra na hora se esta e outras CVEs te atingem.
Envie seu arquivo build.gradle e descubra na hora se você está afetado.