CVE-2019-20537 - An issue was discovered on Samsung mobile devices with P(9.0) (TEEGRIS and Qualcomm chipsets). There

CVE-2019-20537

Summary

An issue was discovered on Samsung mobile devices with P(9.0) (TEEGRIS and Qualcomm chipsets). There is arbitrary memory overwrite in the SEM Trustlet, leading to arbitrary code execution. The Samsung IDs are SVE-2019-14651, SVE-2019-14666 (November 2019).

References

https://security.samsungmobile.com/securityUpdate.smsb

Vulnerable Configurations

cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 27-03-2020 - 19:23)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

confirm

https://security.samsungmobile.com/securityUpdate.smsb

Last major update

27-03-2020 - 19:23

Published

24-03-2020 - 18:15

Last modified

27-03-2020 - 19:23