Improper Authentication in Google Android - CVE-2018-21062
Published: April 8, 2020 / Updated: August 8, 2020
Google Android
Detailed vulnerability description
The vulnerability allows a local non-authenticated attacker to gain access to sensitive information.
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. When biometric authentication is disabled, an attacker can view Streams content (e.g., a Gallery slideshow) of a locked Secure Folder via a connection to an external device. The Samsung ID is SVE-2018-11766 (August 2018).