PT-2020-8736 · Samsung · Devicetest+1

Published

2020-04-08

Updated

2020-04-09

CVE-2018-21092

CVSS v3.1

6.5

Medium

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Samsung mobile devices with M(6.x) and N(7.x) software

Description An issue was discovered where a crafted AT command may be sent by the DeviceTest application via an NFC tag.

Recommendations For Samsung mobile devices with M(6.x) software, consider disabling the DeviceTest application until a patch is available. For Samsung mobile devices with N(7.x) software, consider disabling the DeviceTest application until a patch is available.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2018-21092

Affected Products

Devicetest

Samsung Mobile Devices

PT-2020-8736 · Samsung · Devicetest+1

CVE-2018-21092

Weakness Enumeration

Related Identifiers

Affected Products

References · 4