PT-2024-7445 · Samsung · Samsung Android

Published: 2024-05-07 · Updated: 2025-02-10 · CVE-2024-20865

CVSS v2.0: 7.2 (High)
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Samsung Android mobile devices (affected versions not specified); Samsung Android mobile devices versions prior to SMR May-2024 Release 1

Description: The issue is related to weaknesses in the authentication procedure of the bootloader component in Samsung Android mobile devices. This can allow an attacker to bypass authentication and potentially impact the confidentiality, integrity, and availability of protected information. The vulnerability can be exploited by physical attackers to flash arbitrary images.

Recommendations: For versions prior to SMR May-2024 Release 1, update to SMR May-2024 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting physical access to the device to minimize the risk of exploitation.

Weakness Enumeration: Improper Authentication

Related Identifiers

BDU:2024-08824
CVE-2024-20865

Affected Products

Samsung Android