PT-2021-16625 · Samsung · Tizen Bootloader
Bob
·
Published
2021-07-08
·
Updated
2021-07-14
·
CVE-2021-25434
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Tizen bootloader versions prior to Firmware update JUL-2021 Release
Description:
The issue is related to improper input validation in the Tizen bootloader, allowing for arbitrary code execution. This can be achieved by using the
param partition in wireless firmware download mode.Recommendations:
For versions prior to Firmware update JUL-2021 Release, update to the Firmware update JUL-2021 Release or later to resolve the issue.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tizen Bootloader