Arbitrary File Read/Write Vulnerability in Samsung Mobile Devices (SVE-2017-10086)

Arbitrary File Read/Write Vulnerability in Samsung Mobile Devices (SVE-2017-10086)

CVE-2017-18648 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

An issue was discovered on Samsung mobile devices with KK(4.4.x), L(5.x), M(6.x), and N(7.x) software. Arbitrary file read/write operations can occur in the locked state via a crafted MTP command. The Samsung ID is SVE-2017-10086 (November 2017).

Learn more about our Cis Benchmark Audit For Mobile Devices.