CVE-2019-6005

Name: CVE-2019-6005
Creator: NVD / NIST
Published: 2019-09-12T17:15:14.5+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

CRITICALCVSS 9.8/10EPSS 2.12%

Last modified Jun 17, 2026

CVE-2019-6005 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. Smart TV Box firmware version prior to 1300 allows remote attackers to bypass access restriction to conduct arbitrary operations on the device without user's intent, such as installing arbitrary software or changing the device settings via Android Debug Bridge port 5555/TCP.. EPSS estimates a 2.12% chance of exploitation in the next 30 days.

Description

Smart TV Box firmware version prior to 1300 allows remote attackers to bypass access restriction to conduct arbitrary operations on the device without user's intent, such as installing arbitrary software or changing the device settings via Android Debug Bridge port 5555/TCP.

Metrics

CVSS 3.1

9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

2.12%

79.5th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Kddi	Smart Tv Box Firmware	< 1300

References

http://jvn.jp/en/jp/JVN17127920/index.htmlThird Party Advisory
http://jvn.jp/en/jp/JVN17127920/index.htmlThird Party Advisory

Timeline

Published: Sep 12, 2019
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2019-6005?

How severe is CVE-2019-6005?

CVE-2019-6005 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 2.12% probability of exploitation in the next 30 days.

How do I fix CVE-2019-6005?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-6005?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST