ID CVE-2019-20553
Summary An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos7885, exynos9610, and exynos9820 chipsets) software. Arbitrary memory read and write operations can occur in RKP. The Samsung ID is SVE-2019-15143 (October 2019).
References
Vulnerable Configurations
  • cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sm6150:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sm6150:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sm8150:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sm8150:-:*:*:*:*:*:*:*
  • cpe:2.3:h:qualcomm:sm8150_fusion:-:*:*:*:*:*:*:*
    cpe:2.3:h:qualcomm:sm8150_fusion:-:*:*:*:*:*:*:*
  • cpe:2.3:h:samsung:exynos_7885:-:*:*:*:*:*:*:*
    cpe:2.3:h:samsung:exynos_7885:-:*:*:*:*:*:*:*
  • cpe:2.3:h:samsung:exynos_9610:-:*:*:*:*:*:*:*
    cpe:2.3:h:samsung:exynos_9610:-:*:*:*:*:*:*:*
  • cpe:2.3:h:samsung:exynos_9820:-:*:*:*:*:*:*:*
    cpe:2.3:h:samsung:exynos_9820:-:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
confirm https://security.samsungmobile.com/securityUpdate.smsb
Last major update 24-08-2020 - 17:37
Published 24-03-2020 - 19:15
Last modified 24-08-2020 - 17:37
Back to Top