VYPR

mPOS TUI trustlet

by Samsung Mobile

CVEs (5)

  • CVE-2025-20904Feb 4, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to cause memory corruption.

  • CVE-2023-21497May 4, 2023
    risk 0.00cvss epss 0.00

    Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address.

  • CVE-2023-21500May 4, 2023
    risk 0.00cvss epss 0.00

    Double free validation vulnerability in setPinPadImages in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the trustlet memory.

  • CVE-2023-21498May 4, 2023
    risk 0.00cvss epss 0.00

    Improper input validation vulnerability in setPartnerTAInfo in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to overwrite the trustlet memory.

  • CVE-2023-21499May 4, 2023
    risk 0.00cvss epss 0.00

    Out-of-bounds write vulnerability in TA_Communication_mpos_encrypt_pin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code.