CVE-2019-12762

Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch.

CVSS v3 4.2 MEDIUM
CVSS v2.0 1.9 LOW

4.2^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.5 / Impact : 3.6

Attack Vector PHYSICAL

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

1.9^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 3.4 / Impact : 2.9

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://hackercombat.com/nfc-vulnerability-may-promote-ghost-screen-taps/	Third Party Advisory
https://medium.com/%40juliodellaflora/ghost-touch-on-xiaomi-mi5s-plus-707998308607

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:mi:mi_5s_plus_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mi:mi_5s_plus:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:sony:xperia_z4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sony:xperia_z4:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:samsung:galaxy_s6_edge_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:galaxy_s6_edge:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:samsung:galaxy_s4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:google:nexus_7_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:google:nexus_7:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:google:nexus_9_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:google:nexus_9:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:sharp:aquos_zeta_sh-04f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sharp:aquos_zeta_sh-04f:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:*:*:*:*:*:*:*

History

07 Nov 2023, 03:03

Type	Values Removed	Values Added
References	{'url': 'https://medium.com/@juliodellaflora/ghost-touch-on-xiaomi-mi5s-plus-707998308607', 'name': 'https://medium.com/@juliodellaflora/ghost-touch-on-xiaomi-mi5s-plus-707998308607', 'tags': ['Exploit', 'Third Party Advisory'], 'refsource': 'MISC'}	() https://medium.com/%40juliodellaflora/ghost-touch-on-xiaomi-mi5s-plus-707998308607 -

22 Sep 2022, 14:46

Type	Values Removed	Values Added
First Time		Mi Mi mi 5s Plus Mi mi 5s Plus Firmware
CPE	cpe:2.3:h:xiaomi:mi_5s_plus:-:::::::* cpe:2.3:o:xiaomi:mi_5s_plus_firmware:-:::::::*	cpe:2.3:h:mi:mi_5s_plus:-:::::::* cpe:2.3:o:mi:mi_5s_plus_firmware:-:::::::*

27 Mar 2021, 02:07

Type	Values Removed	Values Added
CPE	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*

25 Mar 2021, 14:54

Type	Values Removed	Values Added
CPE	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*
CPE	cpe:2.3:h:fujitsu:arrows_nx_f005-f:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*
CPE	cpe:2.3:o:fujitsu:arrows_nx_f05-f_firmware:-:::::::* cpe:2.3:h:fujitsu:arrows_nx_f05-f:-:::::::*	cpe:2.3:o:fujitsu:arrows_nx_f005-f_firmware:-:::::::*

Information

Published : 2019-06-06 20:29

Updated : 2023-12-10 12:59

NVD link : CVE-2019-12762

Mitre link : CVE-2019-12762

CVE.ORG link : CVE-2019-12762

JSON object : View

Products Affected

mi_5s_plus_firmware
mi_5s_plus

fujitsu

arrows_nx_f05-f
arrows_nx_f05-f_firmware

samsung

galaxy_s6_edge
galaxy_s4
galaxy_s6_edge_firmware
galaxy_s4_firmware

google

nexus_9
nexus_7_firmware
nexus_7
nexus_9_firmware

sony

xperia_z4_firmware
xperia_z4

sharp

aquos_zeta_sh-04f_firmware
aquos_zeta_sh-04f

CWE

NVD-CWE-noinfo

4.2 /10

Attack Vector PHYSICAL

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

1.9 /10

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

JSON object

Attach tags to CVE-2019-12762

4.2^/10

1.9^/10

Attach tags to `CVE-2019-12762`