CVE-2020-12747 - An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos980 9630 and Exynos990 9830 ch

CVE-2020-12747

Summary

An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos980 9630 and Exynos990 9830 chipsets) software. The Bootloader has a heap-based buffer overflow because of the mishandling of specific commands. The Samsung IDs are SVE-2020-16981, SVE-2020-16991 (May 2020).

References

https://security.samsungmobile.com/securityUpdate.smsb

Vulnerable Configurations

cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos980\(9630\):-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos980\(9630\):-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos990\(9830\):-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos990\(9830\):-:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 13-05-2020 - 20:06)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

confirm

https://security.samsungmobile.com/securityUpdate.smsb

Last major update

13-05-2020 - 20:06

Published

11-05-2020 - 16:15

Last modified

13-05-2020 - 20:06