CVE-2020-13834

Vulnerability

An issue exists in the Secure Folder implementation on Samsung mobile devices running Android O(8.x), P(9.0), and Q(10.0) with TEEGRIS software. The Secure Folder does not properly restrict the use of Android Debug Bridge (adb) for arbitrary installations, potentially allowing unauthorized apps to be installed inside the Secure Folder environment [1].

Exploitation

An attacker with physical access to the device and the ability to enable USB debugging or connect via ADB (possibly requiring the device to be unlocked or in a specific mode) can leverage the unrestricted ADB access to install arbitrary applications into the Secure Folder. The exact steps are not detailed in available references, but the vulnerability involves bypassing Secure Folder's intended restrictions on ADB-based installations [1].

Impact

Successful exploitation allows an attacker to install arbitrary applications within the Secure Folder, which is designed to provide an isolated, secure container for sensitive data. This could lead to compromise of the confidentiality and integrity of data stored within the Secure Folder, as malicious apps could be placed inside the sandbox [1].

Mitigation

Samsung released security updates as part of the June 2020 Security Maintenance Release (SMR). Users should update to the latest firmware for their device via the device's update mechanism. No workaround is available for unpatched devices. The fix restricts ADB usage within Secure Folder to prevent arbitrary installations [1].