CVE-2017-18648
Description
An issue was discovered on Samsung mobile devices with KK(4.4.x), L(5.x), M(6.x), and N(7.x) software. Arbitrary file read/write operations can occur in the locked state via a crafted MTP command. The Samsung ID is SVE-2017-10086 (November 2017).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Samsung mobile devices (KK to N) allow arbitrary file read/write in locked state via crafted MTP command, enabling data access without authentication.
Vulnerability
An issue exists in Samsung mobile devices running Android versions KK (4.4.x), L (5.x), M (6.x), and N (7.x) that allows arbitrary file read and write operations while the device is locked. The vulnerability is triggered via a crafted MTP (Media Transfer Protocol) command. The Samsung ID for this issue is SVE-2017-10086, reported in November 2017.
Exploitation
An attacker with physical access to a locked device can send a specially crafted MTP command over USB. No authentication or user interaction is required beyond connecting the device to a computer. The attacker does not need to unlock the screen or bypass the lock screen.
Impact
Successful exploitation allows the attacker to read and write arbitrary files on the device's filesystem, including sensitive user data such as contacts, messages, photos, and application data. This compromises the confidentiality and integrity of all data stored on the device, bypassing the lock screen protection.
Mitigation
Samsung has not publicly disclosed a specific patch for this vulnerability in the available references. Users should ensure their devices are updated to the latest firmware version provided by Samsung. As of the publication date (April 2020), no workaround or fix details are available from the referenced source.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- Samsung/mobile devices [description]
Patches
No patches discovered yet.
References
- security.samsungmobile.com/securityUpdate.smsb (mitre, x_refsource_CONFIRM)