Main Vulnerability Database Vulnerabilities #VU34366

#VU34366 Input validation error in Google Android - CVE-2020-13829

Published: June 4, 2020 / Updated: August 8, 2020

Vulnerability identifier: #VU34366

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-13829

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Google Android

Software vendor:
Google

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Attackers can disable the SEAndroid protection mechanism in the RKP. The Samsung ID is SVE-2019-15998 (June 2020).

Remediation

Install update from vendor's website.

External links

https://security.samsungmobile.com/securityUpdate.smsb