VYPR

Galaxy S2

by Samsung Mobile

CVEs (6)

  • CVE-2020-25056HigAug 31, 2020
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered on Samsung mobile devices with Q(10.0) (Galaxy S20) software. Because HAL improperly checks versions, bootloading by the S.LSI NFC chipset is mishandled. The Samsung ID is SVE-2020-16169 (August 2020).

  • CVE-2024-49409MedNov 6, 2024
    risk 0.42cvss 6.4epss 0.00

    Out-of-bounds write in Battery Full Capacity node prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for triggering this vulnerability.

  • CVE-2024-49408MedNov 6, 2024
    risk 0.42cvss 6.4epss 0.00

    Out-of-bounds write in usb driver prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for triggering this vulnerability.

  • CVE-2022-28793MedMay 3, 2022
    risk 0.29cvss 4.4epss 0.00

    Given the TEE is compromised and controlled by the attacker, improper state maintenance in StrongBox allows attackers to change Android ROT during device boot cycle after compromising TEE. The patch is applied in Galaxy S22 to prevent change of Android ROT after first…

  • CVE-2022-1230LowMar 28, 2023
    risk 0.25cvss 3.9epss 0.00

    This vulnerability allows local attackers to execute arbitrary code on affected installations of Samsung Galaxy S21 prior to 4.5.40.5 phones. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The…

  • CVE-2012-6422Dec 18, 2012
    risk 0.01cvss epss 0.15

    The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions (0666) for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges…