ID CVE-2016-11028
Summary An issue was discovered on Samsung mobile devices with software through 2016-09-13 (Exynos AP chipsets). There is a stack-based buffer overflow in the OTP TrustZone trustlet. The Samsung IDs are SVE-2016-7173 and SVE-2016-7174 (December 2016).
References
Vulnerable Configurations
  • cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
    cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
  • cpe:2.3:h:samsung:exynos:-:*:*:*:*:*:*:*
    cpe:2.3:h:samsung:exynos:-:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 07-04-2020 - 20:14)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
confirm https://security.samsungmobile.com/securityUpdate.smsb
Last major update 07-04-2020 - 20:14
Published 07-04-2020 - 14:15
Last modified 07-04-2020 - 20:14
Back to Top