CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-21044
https://notcve.org/view.php?id=CVE-2018-21044
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.0) software. The sem Trustlet has a buffer overflow that leads to arbitrary TEE code execution. The Samsung IDs are SVE-2018-13230, SVE-2018-13231, SVE-2018-13232, SVE-2018-13233 (December 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x) y O(8.0). El Trustlet sem presenta un desbordamiento de búfer que conlleva a una ejecución de código TEE arbitraria. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-21042
https://notcve.org/view.php?id=CVE-2018-21042
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Dual Messenger allows installation of an arbitrary APK with resultant privileged code execution. The Samsung ID is SVE-2018-13299 (December 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x), O(8.x) y P(9.0). Dual Messenger permite la instalación de un APK arbitrario con una ejecución de código privilegiada resultante. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21078
https://notcve.org/view.php?id=CVE-2018-21078
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) software. The Contacts application allows attackers to originate video calls because SS (Supplementary Service) and USSD (Unstructured Supplementary Service Data) codes are improperly secured. The Samsung ID is SVE-2018-11469 (April 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0), N(7.x) y O(8.0). La aplicación Contacts permite a atacantes originar videollamadas porque los códigos SS (Supplementary Service) y USSD (Unstructured Supplementary Service Data) están asegurados inapropiadamente. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2018-21079
https://notcve.org/view.php?id=CVE-2018-21079
An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), N(7.x), and O(8.0) software. There is a kernel pointer leak in the USB gadget driver. The Samsung ID is SVE-2017-10993 (March 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software L(5.x), M(6.0), N(7.x) y O(8.0). Se presenta una fuga del puntero del kernel en el controlador del gadget USB. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2018-21080
https://notcve.org/view.php?id=CVE-2018-21080
An issue was discovered on Samsung mobile devices with N(7.x) software. A physically proximate attacker wielding a magnet can activate NFC to bypass the lockscreen. The Samsung ID is SVE-2017-10897 (March 2018). Se detectó un problema en dispositivos móviles Samsung con versión de software N(7.x). Un atacante físicamente próximo mediante un imán "wielding a magnet" puede activar NFC para omitir la pantalla de bloqueo. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-326: Inadequate Encryption Strength •