CVE-2018-21042
https://notcve.org/view.php?id=CVE-2018-21042
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Dual Messenger allows installation of an arbitrary APK with resultant privileged code execution. The Samsung ID is SVE-2018-13299 (December 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x), O(8.x) y P(9.0). Dual Messenger permite la instalación de un APK arbitrario con una ejecución de código privilegiada resultante. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-862: Missing Authorization •
CVE-2018-21078
https://notcve.org/view.php?id=CVE-2018-21078
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) software. The Contacts application allows attackers to originate video calls because SS (Supplementary Service) and USSD (Unstructured Supplementary Service Data) codes are improperly secured. The Samsung ID is SVE-2018-11469 (April 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0), N(7.x) y O(8.0). La aplicación Contacts permite a atacantes originar videollamadas porque los códigos SS (Supplementary Service) y USSD (Unstructured Supplementary Service Data) están asegurados inapropiadamente. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-20: Improper Input Validation •
CVE-2018-21079
https://notcve.org/view.php?id=CVE-2018-21079
An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), N(7.x), and O(8.0) software. There is a kernel pointer leak in the USB gadget driver. The Samsung ID is SVE-2017-10993 (March 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software L(5.x), M(6.0), N(7.x) y O(8.0). Se presenta una fuga del puntero del kernel en el controlador del gadget USB. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2018-21080
https://notcve.org/view.php?id=CVE-2018-21080
An issue was discovered on Samsung mobile devices with N(7.x) software. A physically proximate attacker wielding a magnet can activate NFC to bypass the lockscreen. The Samsung ID is SVE-2017-10897 (March 2018). Se detectó un problema en dispositivos móviles Samsung con versión de software N(7.x). Un atacante físicamente próximo mediante un imán "wielding a magnet" puede activar NFC para omitir la pantalla de bloqueo. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-326: Inadequate Encryption Strength •
CVE-2018-21041
https://notcve.org/view.php?id=CVE-2018-21041
An issue was discovered on Samsung mobile devices with O(8.x) software. Access to Gallery in the Secure Folder can occur without authentication. The Samsung ID is SVE-2018-13057 (December 2018). Se detectó un problema en dispositivos móviles Samsung con versión de software O(8.x). Un acceso a Gallery en la Secure Folder puede ocurrir sin autenticación. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-306: Missing Authentication for Critical Function •