PT-2020-8722 · Samsung · Contacts
Published
2020-04-08
·
Updated
2020-04-09
·
CVE-2018-21078
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Samsung mobile devices with M(6.0)
Samsung mobile devices with N(7.x)
Samsung mobile devices with O(8.0)
Description
An issue was discovered in the Contacts application, allowing attackers to originate video calls because SS (Supplementary Service) and USSD (Unstructured Supplementary Service Data) codes are improperly secured.
Recommendations
For Samsung mobile devices with M(6.0), update the Contacts application to properly secure SS and USSD codes.
For Samsung mobile devices with N(7.x), update the Contacts application to properly secure SS and USSD codes.
For Samsung mobile devices with O(8.0), update the Contacts application to properly secure SS and USSD codes.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Contacts