Improper input validation vulnerability in OemPersonalizationSetLock in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write.
Heap out of bound write vulnerability in IpcRxIncomingCBMsg of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.
Improper input validation vulnerability in RegisteredMSISDN prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
An improper input validation vulnerability within initialize function in HAL VaultKeeper prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.
Out-of-bounds Write in BuildOemEmbmsGetSigStrengthResponse of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
Heap out of bound write vulnerability in IpcRxUsimPhoneBookCapa of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.
Heap out of bound write vulnerability in RmtUimNeedApdu of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.
Improper input validation vulnerability in DoOemImeiSetPreconfig in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write.
Out-of-bounds Write in RmtUimApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
Improper input validation vulnerability in DataProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
Out of bounds read and write in callrunTspCmd of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code.
Out-of-bounds Write in DoOemFactorySendFactoryTestResult of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code.
Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
Out of bounds read and write in enableTspDevice of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code.
Out of bounds read and write in callgetTspsysfs of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code.
Improper privilege management vulnerability in MMIGroup prior to SMR Aug-2023 Release 1 allows code execution with privilege.
Improper access control in HDCP trustlet prior to SMR Aug-2023 Release 1 allows local attackers to execute arbitrary code.
Improper input validation vulnerability in EnhancedAttestationResult prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
Improper input validation vulnerability in LSOItemData prior to SMR Jul-2023 Release 1 allows attackers to launch certain activities.
Out-of-bounds Write in BuildOemSecureSimLockResponse of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code.
An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, and Exynos 1080. Binding of a wrong resource can occur due to improper handling of parameters while binding a network interface.
An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access fault.
Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution.
A Stack-based overflow vulnerability in IpcRxEmbmsSessionList in SECRIL prior to Android S(12) allows attacker to cause memory corruptions.
Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.
Improper input validation vulnerability in FactoryTest application prior to SMR May-2023 Release 1 allows local attackers to get privilege escalation via debugging commands.
Improper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with system privilege.
Out-of-bounds write vulnerability in TA_Communication_mpos_encrypt_pin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code.
Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips.
Out-of-bounds Write vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.
Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation.
Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store.
Improper access control vulnerabilities in Smart Things prior to 1.7.93 allows to attacker to invite others without authorization of the owner.
An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write.
Stack-based Buffer Overflow in vulnerability HDCP trustlet prior to SMR Oct-2023 Release 1 allows local privileged attackers to perform code execution.
Improper input validation vulnerability in Knox AI prior to SMR Sep-2023 Release 1 allows local attackers to launch privileged activities.
Out of bounds read and write in callrunTspCmdNoRead of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code.
Improper input validation vulnerability in Transaction prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 9610 chipsets) software. There is an arbitrary kfree in the vipx and vertex drivers. The Samsung ID is SVE-2019-16294 (February 2020).
An issue was discovered on Samsung mobile devices with P(9.0) (Galaxy S8 and Note8) software. Facial recognition can be spoofed. The Samsung ID is SVE-2019-16614 (February 2020).
Out-of-bounds Write in ReqDataRaw of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
Improper input validation vulnerability in SCEPProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices allow attackers to send AT commands by plugging the device into a Linux host, aka SVE-2016-5301.
The Text-to-speech Engine (aka SamsungTTS) application before 3.0.02.7 and 3.0.00.101 for Android allows a local attacker to escalate privileges, e.g., to system privileges. The Samsung case ID is 101755.
The Samsung J7 Neo Android device with a build fingerprint of samsung/j7veltedx/j7velte:8.1.0/M1AJQ/J701FXXS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
The Samsung on7xeltelgt Android device with a build fingerprint of samsung/on7xeltelgt/on7xeltelgt:8.1.0/M1AJQ/G610LKLU2CSB1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
The Samsung J7 Neo Android device with a build fingerprint of samsung/j7veltedx/j7velte:8.1.0/M1AJQ/J701FXVS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
The Samsung J7 Duo Android device with a build fingerprint of samsung/j7duolteub/j7duolte:8.0.0/R16NW/J720MUBS3ASB2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
Improper access control vulnerability in SearchWidget prior to version 3.3 in China models allows untrusted applications to start arbitrary activity.
Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN.