First published: Wed Apr 08 2020(Updated: )
An issue was discovered on Samsung mobile devices with N(7.x) (MT6755/MT6757 Mediatek models) software. Bootloader has an integer overflow that leads to arbitrary code execution via the download offset control. The Samsung ID is SVE-2017-10732 (January 2018).
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | =7.0 | |
Google Android | =7.1.0 | |
Google Android | =7.1.1 | |
Google Android | =7.1.2 | |
Mediatek Mt6755 | ||
Mediatek Mt6757 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue on Samsung mobile devices is CVE-2018-21089.
The severity level of CVE-2018-21089 is critical, with a severity value of 9.8.
CVE-2018-21089 allows arbitrary code execution via the download offset control, potentially leading to unauthorized access or control of the affected device.
The versions of Android 7.0, 7.1.0, 7.1.1, and 7.1.2 are affected by CVE-2018-21089.
To fix CVE-2018-21089, it is recommended to update your Samsung mobile device to the latest software version provided by Samsung. Please refer to the reference link for more information.