CVE-2018-21049

Name of the Vulnerable Software and Affected Versions Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software

Description An issue was discovered that allows for an arbitrary memory write in a Trustlet. This occurs because a secure driver permits access to sensitive APIs.

Recommendations For Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software, consider restricting access to sensitive APIs until a patch is available. As a temporary workaround, disabling the secure driver that allows access to these APIs may help minimize the risk of exploitation.