CVE-2019-20607

2020-03-2419:20:02

mitre

www.cve.org

9.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.5%

JSON

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890, and Exynos8895 chipsets) software. A heap overflow in the keymaster Trustlet allows attackers to write to TEE memory, and achieve arbitrary code execution. The Samsung ID is SVE-2019-14126 (May 2019).

References

security.samsungmobile.com/securityUpdate.smsb