VYPR
Unrated severity · NVD Advisory · Published Apr 8, 2020 · Updated Aug 5, 2024

CVE-2018-21068


Description

An issue was discovered on Samsung mobile devices with O(8.0) software. Execution of an application in a locked Secure Folder can occur without a password via a split screen. The Samsung ID is SVE-2018-11669 (July 2018).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

On Samsung devices with Android 8.0, a split-screen feature allows bypassing the Secure Folder password to launch apps.

Vulnerability

Samsung mobile devices running Android O (8.0) software are affected by a vulnerability tracked as CVE-2018-21068. The Secure Folder, a protected sandbox for apps and data, can be accessed without entering the correct password. The bypass is triggered specifically through the split-screen (multi-window) feature, which allows an application inside the locked Secure Folder to be executed without authentication. The issue was reported via Samsung's security program with ID SVE-2018-11669 and acknowledged in July 2018 [1].

Exploitation

To exploit this vulnerability, an attacker needs physical access to the unlocked device (or a prior screen unlock) and the ability to invoke split-screen mode. The device must be running Android 8.0 (Oreo), and the Secure Folder must be active with a lock set. The attacker can then, from the device's recent apps or home screen, launch an app in split-screen mode that targets an application inside the Secure Folder, effectively bypassing the password prompt. No additional privileges or user interaction beyond screen unlock are needed if the split-screen gesture is available.

Impact

Successful exploitation allows an unauthorized user to launch and interact with any application stored inside the Secure Folder without providing the folder's password. This breaches the confidentiality and integrity of the data and apps protected by Secure Folder. The attacker gains the same level of access as the legitimate user for those sandboxed apps, potentially exposing sensitive information such as private photos, documents, or corporate data.

Mitigation

The vulnerability was tracked by Samsung under SVE-2018-11669. According to the published description, the issue exists in Android 8.0 software. Samsung's security update portal [1] serves as the official channel for firmware patches. It is recommended that users update their devices with the latest security patch for Android 8.0 or upgrade to a newer Android version that addresses this bypass. No specific fixed version date is provided in the references, but the CVE publication date (April 2020) indicates a patch should have been incorporated by that time. Users should ensure their devices receive all available Samsung security updates. As a workaround, disabling split-screen multi-window for locked screens or avoiding the use of Secure Folder until patched may reduce risk.

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.


References

1
