CVE-2017-18695

2020-04-0713:56:02

mitre

www.cve.org

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

23.8%

JSON

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. Attackers (who control a certain subdomain) can discover a user’s credentials, during an email account login, via an EAS autodiscover packet. The Samsung ID is SVE-2016-7654 (January 2017).

References

security.samsungmobile.com/securityUpdate.smsb