CVE-2020-25055
First published: Mon Aug 31 2020(Updated: )
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The persona service allows attackers (who control an unprivileged SecureFolder process) to bypass admin restrictions in KnoxContainer. The Samsung ID is SVE-2020-18133 (August 2020).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | =8.0 | |
| Android | =8.1 | |
| Android | =9.0 | |
| Android | =10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-25055?
CVE-2020-25055 has a high severity rating due to its potential to allow attackers to bypass important security restrictions.
What devices are affected by CVE-2020-25055?
CVE-2020-25055 affects Samsung mobile devices running Google Android versions 8.0, 8.1, 9.0, and 10.0.
How do I fix CVE-2020-25055?
To fix CVE-2020-25055, ensure that your Samsung mobile device is updated to the latest software version available.
What kind of attack does CVE-2020-25055 enable?
CVE-2020-25055 allows attackers with control over an unprivileged SecureFolder process to bypass admin restrictions in KnoxContainer.
Is the vulnerability CVE-2020-25055 related to Samsung's Knox security?
Yes, CVE-2020-25055 is directly related to vulnerabilities in Samsung's Knox security framework.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/google
- canonical/android
- version/android/8.0
- version/android/8.1
- version/android/9.0
- version/android/10.0