| ID |
CVE-2015-8546
|
| Summary |
An issue was discovered on Samsung mobile devices with software through 2015-11-12, affecting the Galaxy S6/S6 Edge, Galaxy S6 Edge+, and Galaxy Note5 with the Shannon333 chipset. There is a stack-based buffer overflow in the baseband process that is exploitable for remote code execution via a fake base station. The Samsung ID is SVE-2015-5123 (December 2015). |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
-
cpe:2.3:h:samsung:galaxy_note5:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:galaxy_note5:-:*:*:*:*:*:*:*
-
cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*
-
cpe:2.3:h:samsung:galaxy_s6_edge:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:galaxy_s6_edge:-:*:*:*:*:*:*:*
-
cpe:2.3:h:samsung:galaxy_s6_edge\+:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:galaxy_s6_edge\+:-:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 10.0 (as of 13-04-2020 - 13:04) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-787 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
| refmap
via4
|
|
| Last major update |
13-04-2020 - 13:04 |
| Published |
10-04-2020 - 19:15 |
| Last modified |
13-04-2020 - 13:04 |
