Vulnerability Name: | CVE-2018-21042 (CCN-179437) | ||||||||||||
Assigned: | 2020-04-07 | ||||||||||||
Published: | 2020-04-07 | ||||||||||||
Updated: | 2020-04-09 | ||||||||||||
Summary: | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Dual Messenger allows installation of an arbitrary APK with resultant privileged code execution. The Samsung ID is SVE-2018-13299 (December 2018). | ||||||||||||
CVSS v3 Severity: | 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) 8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
7.3 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||
Vulnerability Type: | CWE-862 | ||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2018-21042 Source: XF Type: UNKNOWN samsung-cve201821042-code-exec(179437) Source: CCN Type: Samsung Mobile Web site Android Security Updates Source: CONFIRM Type: Vendor Advisory https://security.samsungmobile.com/securityUpdate.smsb | ||||||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
BACK |