Vulnerability
CVE-2019-20607
Component: TRUST
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890, and Exynos8895 chipsets) software. A heap overflow in the keymaster Trustlet allows attackers to write to TEE memory, and achieve arbitrary code execution. The Samsung ID is SVE-2019-14126 (May 2019).
Impact
Severity (Manufact.)
N/A
Severity (NIST)
9.8
Severity (Android)
N/A
Chipsets
5
Devices
269
Affected Hardware
| Name | Also known as | Manufacturer |
|---|---|---|
| Exynos 7870 | SAMSUNG LSI | |
| Exynos 8890 | SAMSUNG LSI | |
| Exynos 8895 | SAMSUNG LSI | |
| MSM8996 | Snapdragon 820 | Qualcomm |
| MSM8998 | Snapdragon 835 Snapdragon 835 Mobile PC Platform | Qualcomm |
5 of 5 row(s) shown.
Rows per page
Page 1 of 1
Information reliability
The information on this website is intended to provide information on the big picture of chipset security and measure trends within the industry. Our information is obtained from several vantage points, checked for consistency, and automatically cross-referenced. However, this process may not always yield reliable information. Do not use the information on a particular vulnerability, chipset or device to verify your individual exposure in cases where inaccuracies are inacceptable, for instance to assess risks if you are a Politically Exposed Person.
Timeline
Introduced (est):
Oct 1, 2015
Reported:
Unknown
Advisory Published:
N/A
CVE Published:
Mar 24, 2020
Android Patch Level:
None
