CVE-2020-28343
Summary
| CVE | CVE-2020-28343 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-11-08 05:15:00 UTC |
| Updated | 2020-11-10 19:43:00 UTC |
| Description | An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 980, 9820, and 9830 chipsets) software. The NPU driver allows attackers to execute arbitrary code because of unintended write and read operations on memory. The Samsung ID is SVE-2020-18610 (November 2020). |
Risk And Classification
Problem Types: CWE-787
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Android | 10.0 | All | All | All | |
| Operating System | Android | 9.0 | All | All | All | |
| Operating System | Android | 10.0 | All | All | All | |
| Operating System | Android | 9.0 | All | All | All | |
| Hardware | Samsung | Exynos 980 | - | All | All | All |
| Hardware | Samsung | Exynos 980 | - | All | All | All |
| Hardware | Samsung | Exynos 9820 | - | All | All | All |
| Hardware | Samsung | Exynos 9820 | - | All | All | All |
| Hardware | Samsung | Exynos 9830 | - | All | All | All |
| Hardware | Samsung | Exynos 9830 | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Samsung Mobile Security | MISC | security.samsungmobile.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.