10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:H/VI:H/SI:H/VA:L/SA:L
0.034 Low
EPSS
Percentile
91.5%
The Samsung Qmage codec used in the Android Skia library does not properly validate image files. A number of memory corruption vulnerabilities allow an attacker to execute arbitrary code by causing a vulnerable system to parse a Qmage file.
The Samsung May 2020 Android Security Update notes that “a possible memory overwrite vulnerability in Quram qmg library allows possible remote arbitrary code execution.” Samsung identifies this vulnerability as SVE-2020-16747, more commonly known as CVE-2020-8899. Google Project Zero performed extensive fuzz testing on the Qmage (or Quram, or qmg) code that Samsung added to the Android Skia library and identified 5218 uniquely crashing test cases. At least one of these memory corruption vulnerabilities can be exploited by sending a specially crafted MMS message to a vulnerable system.
Samsung notes that versions O(8.X), P(9.0), Q(10.0) are affected.
Exploitation of this vulnerability permits a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Apply an update
Samsung has released fixes in the May 2020 Android Security Update.
366027
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Updated: May 14, 2020
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Group | Score | Vector |
---|---|---|
Base | 10 | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Temporal | 7.8 | E:POC/RL:OF/RC:ND |
Environmental | 7.8 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND |
This vulnerability was published by Mateusz Jurczyk at Google Project Zero.
This document was written by Eric Hatleback.
CVE IDs: | CVE-2020-8899 |
---|---|
Date Public: | 2020-01-28 Date First Published: |
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:H/VI:H/SI:H/VA:L/SA:L
0.034 Low
EPSS
Percentile
91.5%