CVE-2019-20608

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 software. An attacker can use Emergency mode to disable features. The Samsung IDs are SVE-2018-13164, SVE-2018-13165 April 2019...

CVE-2020-10844

An issue was discovered on Samsung mobile devices with O8.x, P9.x, and Q10.0 software. There is an out-of-bounds read vulnerability in media.audiopolicy. The Samsung ID is SVE-2019-16333 February 2020...

CVE-2020-10831

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Attackers can trigger an update to arbitrary touch-screen firmware. The Samsung ID is SVE-2019-16013 March 2020...

Samsung zero-day lets attackers take over your phone

A critical vulnerability has put Samsung mobile device owners at risk of sophisticated cyberattacks. On November 10, 2025, the US Cybersecurity and Infrastructure Security Agency CISA added a vulnerability, tracked as CVE-2025-21042, to its Known Exploited Vulnerabilities KEV catalog. The KEV...

EUVD-2020-7564

Malware in sbrugna...

EUVD-2015-8652

Malware in sbrugna...

CVE-2020-26607

An issue was discovered in TimaService on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a privileged action via a modified intent. The Samsung ID is SVE-2020-18418 October 2020...

CVE-2020-26603

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Sticker Center allows directory traversal for an unprivileged process to read arbitrary files. The Samsung ID is SVE-2020-18433 October 2020...

CVE-2019-15441

The Samsung on7xeltelgt Android device with a build fingerprint of samsung/on7xeltelgt/on7xeltelgt:8.1.0/M1AJQ/G610LKLU2CSB1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app versionCode=7000100, versionName=7.0.1.0 that allows other...

CVE-2017-18659

An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. Attackers can crash system processes via a broadcast to AdaptiveDisplayColorService. The Samsung ID is SVE-2017-8290 July 2017...

SUSE CVE-2020-26146

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented...

CVE-2020-35551

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Exynos chipsets software. They allow attackers to conduct RPMB state-change attacks because an unauthorized RPMB write operation can be replayed, a related issue to CVE-2020-13799. The Samsung ID is SVE-2020-18100 Decemb...

Samsung Mobile Device Information Disclosure Vulnerability (CNVD-2020-30774)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. The Samsung mobile device information disclosure vulnerability can be exploited by attackers to obtain sensitive information about affected components...

CVE-2018-21058

CVE-2018-21058 affects Samsung mobile devices running Android 7.0/8.0 on Exynos 7420/8890/8996. The issue enables cache attacks against the Keymaster AES-GCM implementation because T-Tables are used and the Cryptography Extension (CE) is not utilized. Samsung ID: SVE-2018-12761. No exploitation o...

CVE-2017-18684

An issue was discovered on Samsung mobile devices with L5.0/5.1 and M6.0 software. SVoice allows provider seizure via an application that uses a custom provider. The Samsung ID is SVE-2016-6942 February 2017...

CVE-2016-11047

An issue was discovered on Samsung mobile devices with JBP4.2 and KK4.4 Marvell chipsets software. The ACIPC-MSOCKET driver allows local privilege escalation via a stack-based buffer overflow. The Samsung ID is SVE-2016-5393 April 2016...

Unspecified Vulnerability in Samsung Mobile Devices (CNVD-2020-33786)

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An unspecified vulnerability exists in Samsung mobile devices, which can be exploited by attackers to bypass FRP with the help of a SIM card...

CVE-2019-20553

An issue was discovered on Samsung mobile devices with P9.0 SM6150, SM8150, SM8150FUSION, exynos7885, exynos9610, and exynos9820 chipsets software. Arbitrary memory read and write operations can occur in RKP. The Samsung ID is SVE-2019-15143 October 2019...

CVE-2020-10846

An issue was discovered on Samsung mobile devices with P9.x and Q10.x software. Attackers can enable the OEM unlock feature on a KG-enrolled devices, leading to potentially unwanted binaries being downloaded. The Samsung ID is SVE-2019-16554 February 2020...

Beers with Talos EP 34: Click Here to Assign New Mobile Device Owner

Beers with Talos BWT Podcast Ep. 34 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast. Ep. 34 show notes: Recorded July 20, 2018 — This week, we touch on several topics, but we spend the lion’s...