Vendor CVEs
Samsung Mobile
All CVEs
2,204 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-30723 | 0.00 | — | 0.00 | Sep 6, 2023 | Improper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows attackers to write arbitrary file with Samsung Health privilege. | |||
| CVE-2023-30722 | 0.00 | — | 0.00 | Sep 6, 2023 | Protection Mechanism Failure in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.13.5 allows local attacker to execute arbitrary code. | |||
| CVE-2023-30721 | 0.00 | — | 0.00 | Sep 6, 2023 | Insertion of sensitive information into log vulnerability in Locksettings prior to SMR Sep-2023 Release 1 allows a privileged local attacker to get lock screen match information from the log. | |||
| CVE-2023-30720 | 0.00 | — | 0.00 | Sep 6, 2023 | PendingIntent hijacking in LmsAssemblyTrackerCTC prior to SMR Sep-2023 Release 1 allows local attacker to gain arbitrary file access. | |||
| CVE-2023-30719 | 0.00 | — | 0.00 | Sep 6, 2023 | Exposure of Sensitive Information vulnerability in InboundSmsHandler prior to SMR Sep-2023 Release 1 allows local attackers to access certain message data. | |||
| CVE-2023-30718 | 0.00 | — | 0.00 | Sep 6, 2023 | Improper export of android application components vulnerability in WifiApAutoHotspotEnablingActivity prior to SMR Sep-2023 Release 1 allows local attacker to change a Auto Hotspot setting. | |||
| CVE-2023-30717 | 0.00 | — | 0.00 | Sep 6, 2023 | Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to get unresettable identifiers. | |||
| CVE-2023-30716 | 0.00 | — | 0.00 | Sep 6, 2023 | Improper access control vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to trigger certain commands. | |||
| CVE-2023-30715 | 0.00 | — | 0.00 | Sep 6, 2023 | Improper access control vulnerability in Weather prior to SMR Sep-2023 Release 1 allows attackers to access location information set in Weather without permission. | |||
| CVE-2023-30714 | 0.00 | — | 0.00 | Sep 6, 2023 | Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR Sep-2023 Release 1 allows physical attackers to change some settings of the folder lock. | |||
| CVE-2023-30713 | 0.00 | — | 0.00 | Sep 6, 2023 | Improper privilege management vulnerability in FolderLockNotifier in One UI Home prior to SMR Sep-2023 Release 1 allows local attackers to change some settings of the folder lock. | |||
| CVE-2023-30712 | 0.00 | — | 0.00 | Sep 6, 2023 | Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity. | |||
| CVE-2023-30711 | 0.00 | — | 0.00 | Sep 6, 2023 | Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider. | |||
| CVE-2023-30710 | 0.00 | — | 0.00 | Sep 6, 2023 | Improper input validation vulnerability in Knox AI prior to SMR Sep-2023 Release 1 allows local attackers to launch privileged activities. | |||
| CVE-2023-30709 | 0.00 | — | 0.00 | Sep 6, 2023 | Improper access control in Dual Messenger prior to SMR Sep-2023 Release 1 allows local attackers launch activity with system privilege. | |||
| CVE-2023-30708 | 0.00 | — | 0.01 | Sep 6, 2023 | Improper authentication in SecSettings prior to SMR Sep-2023 Release 1 allows attacker to access Captive Portal Wi-Fi in Reactivation Lock status. | |||
| CVE-2023-30707 | 0.00 | — | 0.00 | Sep 6, 2023 | Improper input validation vulnerability in FileProviderStatusReceiver in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows local attackers to delete arbitrary files with Samsung Keyboard privilege. | |||
| CVE-2023-30706 | 0.00 | — | 0.00 | Sep 6, 2023 | Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to read arbitrary file with system privilege. | |||
| CVE-2023-36481 | 0.00 | — | 0.01 | Aug 28, 2023 | An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop. | |||
| CVE-2023-3704 | 0.00 | — | 0.01 | Aug 24, 2023 | The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable… | |||
| CVE-2020-22181 | 0.00 | — | 0.00 | Aug 22, 2023 | A reflected cross site scripting (XSS) vulnerability was discovered on Samsung sww-3400rw Router devices via the m2 parameter of the sess-bin/command.cgi | |||
| CVE-2021-35309 | 0.00 | — | 0.00 | Aug 22, 2023 | An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain escalated privileges via MITM attacks. | |||
| CVE-2023-30705 | 0.00 | — | 0.00 | Aug 10, 2023 | Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission. | |||
| CVE-2023-30704 | 0.00 | — | 0.00 | Aug 10, 2023 | Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication. | |||
| CVE-2023-30703 | 0.00 | — | 0.00 | Aug 10, 2023 | Improper URL validation vulnerability in Samsung Members prior to version 14.0.07.1 allows attackers to access sensitive information. | |||
| CVE-2023-30702 | 0.00 | — | 0.00 | Aug 10, 2023 | Stack overflow vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary code. | |||
| CVE-2023-30701 | 0.00 | — | 0.00 | Aug 10, 2023 | PendingIntent hijacking in WifiGeofenceManager prior to SMR Aug-2023 Release 1 allows local attacker to arbitrary file access. | |||
| CVE-2023-30700 | 0.00 | — | 0.00 | Aug 10, 2023 | PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl in framework prior to SMR Aug-2023 Release 1 allows local attackers to access ContentProvider without proper permission. | |||
| CVE-2023-30699 | 0.00 | — | 0.01 | Aug 10, 2023 | Out-of-bounds write vulnerability in parser_hvcC function of libsimba library prior to SMR Aug-2023 Release 1 allows code execution by remote attackers. | |||
| CVE-2023-30698 | 0.00 | — | 0.00 | Aug 10, 2023 | Improper access control vulnerability in TelephonyUI prior to SMR Aug-2023 Release 1 allows local attacker to connect BLE without privilege. | |||
| CVE-2023-30697 | 0.00 | — | 0.00 | Aug 10, 2023 | An improper input validation in IpcTxCfgSetSimlockPayload in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write. | |||
| CVE-2023-30696 | 0.00 | — | 0.00 | Aug 10, 2023 | An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write. | |||
| CVE-2023-30695 | 0.00 | — | 0.00 | Aug 10, 2023 | Out-of-bounds Write vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary… | |||
| CVE-2023-30694 | 0.00 | — | 0.00 | Aug 10, 2023 | Out-of-bounds Write in IpcTxPcscTransmitApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. | |||
| CVE-2023-30693 | 0.00 | — | 0.00 | Aug 10, 2023 | Out-of-bounds Write in DoOemFactorySendFactoryBypassCommand of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. | |||
| CVE-2023-30691 | 0.00 | — | 0.00 | Aug 10, 2023 | Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to privilege escalation. | |||
| CVE-2023-30689 | 0.00 | — | 0.00 | Aug 10, 2023 | Out-of-bounds Write in BuildOemEmbmsGetSigStrengthResponse of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. | |||
| CVE-2023-30688 | 0.00 | — | 0.00 | Aug 10, 2023 | Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. | |||
| CVE-2023-30687 | 0.00 | — | 0.00 | Aug 10, 2023 | Out-of-bounds Write in RmtUimApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. | |||
| CVE-2023-30686 | 0.00 | — | 0.00 | Aug 10, 2023 | Out-of-bounds Write in ReqDataRaw of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. | |||
| CVE-2023-30685 | 0.00 | — | 0.00 | Aug 10, 2023 | Improper access control vulnerability in Telecom prior to SMR Aug-2023 Release 1 allows local attakcers to change TTY mode. | |||
| CVE-2023-30684 | 0.00 | — | 0.00 | Aug 10, 2023 | Improper access control in Samsung Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call acceptRingingCall API without permission. | |||
| CVE-2023-30683 | 0.00 | — | 0.00 | Aug 10, 2023 | Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call endCall API without permission. | |||
| CVE-2023-30682 | 0.00 | — | 0.00 | Aug 10, 2023 | Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call silenceRinger API without permission. | |||
| CVE-2023-30681 | 0.00 | — | 0.00 | Aug 10, 2023 | An improper input validation vulnerability within initialize function in HAL VaultKeeper prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write. | |||
| CVE-2023-30680 | 0.00 | — | 0.00 | Aug 10, 2023 | Improper privilege management vulnerability in MMIGroup prior to SMR Aug-2023 Release 1 allows code execution with privilege. | |||
| CVE-2023-30679 | 0.00 | — | 0.00 | Aug 10, 2023 | Improper access control in HDCP trustlet prior to SMR Aug-2023 Release 1 allows local attackers to execute arbitrary code. | |||
| CVE-2023-30654 | 0.00 | — | 0.00 | Aug 10, 2023 | Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location. | |||
| CVE-2023-36482 | 0.00 | — | 0.00 | Aug 8, 2023 | An issue was discovered in Samsung NFC S3NRN4V, S3NSN4V, S3NSEN4, SEN82AB, and S3NRN82. A buffer copy without checking its input size can cause an NFC service restart. | |||
| CVE-2023-20795 | 0.00 | — | 0.00 | Aug 7, 2023 | In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07864900; Issue ID: ALPS07864900. |
- CVE-2023-30723Sep 6, 2023risk 0.00cvss —epss 0.00
Improper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows attackers to write arbitrary file with Samsung Health privilege.
- CVE-2023-30722Sep 6, 2023risk 0.00cvss —epss 0.00
Protection Mechanism Failure in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.13.5 allows local attacker to execute arbitrary code.
- CVE-2023-30721Sep 6, 2023risk 0.00cvss —epss 0.00
Insertion of sensitive information into log vulnerability in Locksettings prior to SMR Sep-2023 Release 1 allows a privileged local attacker to get lock screen match information from the log.
- CVE-2023-30720Sep 6, 2023risk 0.00cvss —epss 0.00
PendingIntent hijacking in LmsAssemblyTrackerCTC prior to SMR Sep-2023 Release 1 allows local attacker to gain arbitrary file access.
- CVE-2023-30719Sep 6, 2023risk 0.00cvss —epss 0.00
Exposure of Sensitive Information vulnerability in InboundSmsHandler prior to SMR Sep-2023 Release 1 allows local attackers to access certain message data.
- CVE-2023-30718Sep 6, 2023risk 0.00cvss —epss 0.00
Improper export of android application components vulnerability in WifiApAutoHotspotEnablingActivity prior to SMR Sep-2023 Release 1 allows local attacker to change a Auto Hotspot setting.
- CVE-2023-30717Sep 6, 2023risk 0.00cvss —epss 0.00
Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to get unresettable identifiers.
- CVE-2023-30716Sep 6, 2023risk 0.00cvss —epss 0.00
Improper access control vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to trigger certain commands.
- CVE-2023-30715Sep 6, 2023risk 0.00cvss —epss 0.00
Improper access control vulnerability in Weather prior to SMR Sep-2023 Release 1 allows attackers to access location information set in Weather without permission.
- CVE-2023-30714Sep 6, 2023risk 0.00cvss —epss 0.00
Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR Sep-2023 Release 1 allows physical attackers to change some settings of the folder lock.
- CVE-2023-30713Sep 6, 2023risk 0.00cvss —epss 0.00
Improper privilege management vulnerability in FolderLockNotifier in One UI Home prior to SMR Sep-2023 Release 1 allows local attackers to change some settings of the folder lock.
- CVE-2023-30712Sep 6, 2023risk 0.00cvss —epss 0.00
Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity.
- CVE-2023-30711Sep 6, 2023risk 0.00cvss —epss 0.00
Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider.
- CVE-2023-30710Sep 6, 2023risk 0.00cvss —epss 0.00
Improper input validation vulnerability in Knox AI prior to SMR Sep-2023 Release 1 allows local attackers to launch privileged activities.
- CVE-2023-30709Sep 6, 2023risk 0.00cvss —epss 0.00
Improper access control in Dual Messenger prior to SMR Sep-2023 Release 1 allows local attackers launch activity with system privilege.
- CVE-2023-30708Sep 6, 2023risk 0.00cvss —epss 0.01
Improper authentication in SecSettings prior to SMR Sep-2023 Release 1 allows attacker to access Captive Portal Wi-Fi in Reactivation Lock status.
- CVE-2023-30707Sep 6, 2023risk 0.00cvss —epss 0.00
Improper input validation vulnerability in FileProviderStatusReceiver in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows local attackers to delete arbitrary files with Samsung Keyboard privilege.
- CVE-2023-30706Sep 6, 2023risk 0.00cvss —epss 0.00
Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to read arbitrary file with system privilege.
- CVE-2023-36481Aug 28, 2023risk 0.00cvss —epss 0.01
An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop.
- CVE-2023-3704Aug 24, 2023risk 0.00cvss —epss 0.01
The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable…
- CVE-2020-22181Aug 22, 2023risk 0.00cvss —epss 0.00
A reflected cross site scripting (XSS) vulnerability was discovered on Samsung sww-3400rw Router devices via the m2 parameter of the sess-bin/command.cgi
- CVE-2021-35309Aug 22, 2023risk 0.00cvss —epss 0.00
An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain escalated privileges via MITM attacks.
- CVE-2023-30705Aug 10, 2023risk 0.00cvss —epss 0.00
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission.
- CVE-2023-30704Aug 10, 2023risk 0.00cvss —epss 0.00
Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication.
- CVE-2023-30703Aug 10, 2023risk 0.00cvss —epss 0.00
Improper URL validation vulnerability in Samsung Members prior to version 14.0.07.1 allows attackers to access sensitive information.
- CVE-2023-30702Aug 10, 2023risk 0.00cvss —epss 0.00
Stack overflow vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary code.
- CVE-2023-30701Aug 10, 2023risk 0.00cvss —epss 0.00
PendingIntent hijacking in WifiGeofenceManager prior to SMR Aug-2023 Release 1 allows local attacker to arbitrary file access.
- CVE-2023-30700Aug 10, 2023risk 0.00cvss —epss 0.00
PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl in framework prior to SMR Aug-2023 Release 1 allows local attackers to access ContentProvider without proper permission.
- CVE-2023-30699Aug 10, 2023risk 0.00cvss —epss 0.01
Out-of-bounds write vulnerability in parser_hvcC function of libsimba library prior to SMR Aug-2023 Release 1 allows code execution by remote attackers.
- CVE-2023-30698Aug 10, 2023risk 0.00cvss —epss 0.00
Improper access control vulnerability in TelephonyUI prior to SMR Aug-2023 Release 1 allows local attacker to connect BLE without privilege.
- CVE-2023-30697Aug 10, 2023risk 0.00cvss —epss 0.00
An improper input validation in IpcTxCfgSetSimlockPayload in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.
- CVE-2023-30696Aug 10, 2023risk 0.00cvss —epss 0.00
An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.
- CVE-2023-30695Aug 10, 2023risk 0.00cvss —epss 0.00
Out-of-bounds Write vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary…
- CVE-2023-30694Aug 10, 2023risk 0.00cvss —epss 0.00
Out-of-bounds Write in IpcTxPcscTransmitApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
- CVE-2023-30693Aug 10, 2023risk 0.00cvss —epss 0.00
Out-of-bounds Write in DoOemFactorySendFactoryBypassCommand of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
- CVE-2023-30691Aug 10, 2023risk 0.00cvss —epss 0.00
Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to privilege escalation.
- CVE-2023-30689Aug 10, 2023risk 0.00cvss —epss 0.00
Out-of-bounds Write in BuildOemEmbmsGetSigStrengthResponse of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
- CVE-2023-30688Aug 10, 2023risk 0.00cvss —epss 0.00
Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
- CVE-2023-30687Aug 10, 2023risk 0.00cvss —epss 0.00
Out-of-bounds Write in RmtUimApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
- CVE-2023-30686Aug 10, 2023risk 0.00cvss —epss 0.00
Out-of-bounds Write in ReqDataRaw of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
- CVE-2023-30685Aug 10, 2023risk 0.00cvss —epss 0.00
Improper access control vulnerability in Telecom prior to SMR Aug-2023 Release 1 allows local attakcers to change TTY mode.
- CVE-2023-30684Aug 10, 2023risk 0.00cvss —epss 0.00
Improper access control in Samsung Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call acceptRingingCall API without permission.
- CVE-2023-30683Aug 10, 2023risk 0.00cvss —epss 0.00
Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call endCall API without permission.
- CVE-2023-30682Aug 10, 2023risk 0.00cvss —epss 0.00
Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call silenceRinger API without permission.
- CVE-2023-30681Aug 10, 2023risk 0.00cvss —epss 0.00
An improper input validation vulnerability within initialize function in HAL VaultKeeper prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.
- CVE-2023-30680Aug 10, 2023risk 0.00cvss —epss 0.00
Improper privilege management vulnerability in MMIGroup prior to SMR Aug-2023 Release 1 allows code execution with privilege.
- CVE-2023-30679Aug 10, 2023risk 0.00cvss —epss 0.00
Improper access control in HDCP trustlet prior to SMR Aug-2023 Release 1 allows local attackers to execute arbitrary code.
- CVE-2023-30654Aug 10, 2023risk 0.00cvss —epss 0.00
Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location.
- CVE-2023-36482Aug 8, 2023risk 0.00cvss —epss 0.00
An issue was discovered in Samsung NFC S3NRN4V, S3NSN4V, S3NSEN4, SEN82AB, and S3NRN82. A buffer copy without checking its input size can cause an NFC service restart.
- CVE-2023-20795Aug 7, 2023risk 0.00cvss —epss 0.00
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07864900; Issue ID: ALPS07864900.
Page 22 of 45