← Back to CVEs
CVE-2020-35551
CRITICAL9.8
Description
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. They allow attackers to conduct RPMB state-change attacks because an unauthorized RPMB write operation can be replayed, a related issue to CVE-2020-13799. The Samsung ID is SVE-2020-18100 (December 2020).
CVE Details
CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published12/18/2020
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
google:android
Weaknesses (CWE)
CWE-294
References
https://security.samsungmobile.com/securityUpdate.smsb(cve@mitre.org)
https://security.samsungmobile.com/securityUpdate.smsb(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.