CVE-2017-18646
First published: Wed Apr 08 2020(Updated: )
An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. An attacker can bypass the password requirement for tablet user switching by folding the magnetic cover. The Samsung ID is SVE-2017-10602 (December 2017).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | =6.0 | |
| Android | =6.0.1 | |
| Android | =7.0 | |
| Android | =7.1.0 | |
| Android | =7.1.1 | |
| Android | =7.1.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-18646?
CVE-2017-18646 is considered a high-severity vulnerability due to the ease of bypassing user authentication.
How does CVE-2017-18646 affect users?
Users can be significantly impacted as an attacker can bypass the password requirement for switching tablet users through a magnetic cover.
What versions of Android are affected by CVE-2017-18646?
CVE-2017-18646 affects Samsung mobile devices running Android versions 6.0 through 7.1.2.
How can I mitigate CVE-2017-18646?
To mitigate CVE-2017-18646, it is recommended to update your device to the latest firmware provided by Samsung.
Is there a workaround for CVE-2017-18646?
Currently, there is no documented workaround for CVE-2017-18646; applying the official patches is the best solution.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/google
- canonical/android
- version/android/6.0
- version/android/6.0.1
- version/android/7.0
- version/android/7.1.0
- version/android/7.1.1
- version/android/7.1.2