Out-of-bounds write in Google Android - CVE-2020-12746
Published: May 11, 2020 / Updated: August 8, 2020
Google Android
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
An issue was discovered on Samsung mobile devices with O(8.X), P(9.0), and Q(10.0) (Exynos chipsets) software. Attackers can bypass the Secure Bootloader protection mechanism via a heap-based buffer overflow to execute arbitrary code. The Samsung ID is SVE-2020-16712 (May 2020).