PT-2020-10589 · Samsung · Contacts Application+1

Published

2020-03-24

Updated

2020-03-30

CVE-2019-20613

CVSS v3.1

8.1

High

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Samsung mobile devices with N(7.x) software Samsung mobile devices with O(8.x) software

Description An issue was discovered in the Contacts application of Samsung mobile devices, where a time-based SQL injection is present.

Recommendations For Samsung mobile devices with N(7.x) software, update to a version that includes the fix for this issue. For Samsung mobile devices with O(8.x) software, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the Contacts application until a patch is available.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2019-20613

Affected Products

Contacts Application

Samsung Mobile Devices

PT-2020-10589 · Samsung · Contacts Application+1

CVE-2019-20613

Weakness Enumeration

Related Identifiers

Affected Products

References · 3