CVE-2019-20586
First published: Tue Mar 24 2020(Updated: )
An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (with TEEGRIS) software. There is type confusion in the FINGERPRINT Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14864 (August 2019).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | =8.1 | |
| Android | =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the nature of CVE-2019-20586?
CVE-2019-20586 is a vulnerability resulting from type confusion in the FINGERPRINT Trustlet on Samsung mobile devices running Android 8.1 and 9.0.
What are the affected devices for CVE-2019-20586?
CVE-2019-20586 affects Samsung mobile devices operating on Android versions 8.1 and 9.0 that utilize TEEGRIS.
What is the potential impact of CVE-2019-20586?
The vulnerability allows for arbitrary code execution, which could lead to unauthorized control over the affected devices.
Is there a known fix for CVE-2019-20586?
Yes, Samsung has released security updates to address CVE-2019-20586, and it is recommended to apply these updates as soon as possible.
What is the severity rating of CVE-2019-20586?
CVE-2019-20586 has a critical severity rating due to the potential for remote code execution.
- agent/type
- agent/softwarecombine
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/google
- canonical/android
- version/android/8.1
- version/android/9.0