PT-2020-8683 · Samsung · Samsung Mobile Devices

Published

2020-04-08

Updated

2020-04-09

CVE-2018-21039

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Samsung mobile devices with N(7.0) software

Description An issue was discovered that allows an attacker to bypass the lockscreen on Samsung mobile devices. This is possible when the Location permission for the compass feature in Quick Tools is granted.

Recommendations For Samsung mobile devices with N(7.0) software, consider disabling the Location permission for the compass feature in Quick Tools as a temporary workaround until a patch is available. Restrict access to the lockscreen to minimize the risk of exploitation.

Fix

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

CVE-2018-21039

Affected Products

Samsung Mobile Devices

PT-2020-8683 · Samsung · Samsung Mobile Devices

CVE-2018-21039

Weakness Enumeration

Related Identifiers

Affected Products

References · 4