CVE-2024-20820

Name of the Vulnerable Software and Affected Versions Samsung mobile devices versions prior to SMR Feb-2024 Release 1

Description The issue is related to improper input validation in the bootloader, which allows local privileged attackers to cause an Out-Of-Bounds read. This can potentially impact the confidentiality and availability of protected information. The vulnerability is associated with a buffer overflow in the bootloader component of Samsung Android mobile devices.

Recommendations For versions prior to SMR Feb-2024 Release 1, update to the SMR Feb-2024 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the bootloader to minimize the risk of exploitation.