How severe is CVE-2019-20607?

CVE-2019-20607 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2019-20607

Name: android
Author: google

9.8CRITICAL

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890, and Exynos8895 chipsets) software. A heap overflow in the keyma

公開日: 3/24/2020更新日: 11/21/2024

説明

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890, and Exynos8895 chipsets) software. A heap overflow in the keymaster Trustlet allows attackers to write to TEE memory, and achieve arbitrary code execution. The Samsung ID is SVE-2019-14126 (May 2019).

AI分析AIによる分析

影響を受ける製品

googleandroid

7.0

googleandroid

7.1.0

googleandroid

7.1.1

googleandroid

7.1.2

googleandroid

8.0

googleandroid

8.1

googleandroid

9.0

qualcommmsm8996

qualcommmsm8998

samsungexynos_7420

samsungexynos_7870

samsungexynos_8890

samsungexynos_8895

参照

https://security.samsungmobile.com/securityUpdate.smsb
Vendor Advisory
https://security.samsungmobile.com/securityUpdate.smsb
Vendor Advisory