Main Vulnerability Database Vulnerabilities #VU34686

Input validation error in Google Android - CVE-2019-20543

Published: March 24, 2020 / Updated: August 8, 2020

Vulnerability identifier: #VU34686

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2019-20543

CWE-ID: CWE-20

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Google

Affected software:
Google Android

Detailed vulnerability description

The vulnerability allows a local authenticated user to manipulate data.

An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can bypass Factory Reset Protection (FRP) via SamsungPay mini. The Samsung ID is SVE-2019-15090 (November 2019).

How to mitigate CVE-2019-20543

Install update from vendor's website.

Sources

https://security.samsungmobile.com/securityUpdate.smsb

Input validation error in Google Android - CVE-2019-20543

Detailed vulnerability description

How to mitigate CVE-2019-20543

Sources

Please verify you're human