Main Vulnerability Database Vulnerabilities #VU34168

Path traversal in Google Android - CVE-2020-15583

Published: July 7, 2020 / Updated: August 8, 2020

Vulnerability identifier: #VU34168

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2020-15583

CWE-ID: CWE-22

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Google Android

Software vendor:
Google

Description

The vulnerability allows a local authenticated user to gain access to sensitive information.

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. StickerProvider allows directory traversal for access to system files. The Samsung ID is SVE-2020-17665 (July 2020).

Remediation

Install update from vendor's website.

External links

https://security.samsungmobile.com/securityUpdate.smsb

Path traversal in Google Android - CVE-2020-15583

Description

Remediation

External links

Please verify you're human