Main Vulnerability Database Vulnerabilities #VU34632

#VU34632 Information disclosure in Google Android - CVE-2019-20623

Published: March 24, 2020 / Updated: August 8, 2020

Vulnerability identifier: #VU34632

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2019-20623

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Google Android

Software vendor:
Google

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), and P(9.0) software. Gallery has uninitialized memory disclosure. The Samsung ID is SVE-2018-13060 (February 2019).

Remediation

Install update from vendor's website.

External links

https://security.samsungmobile.com/securityUpdate.smsb

#VU34632 Information disclosure in Google Android - CVE-2019-20623

Description

Remediation

External links

Please verify you're human