SamFAIL: Root Privilege Vulnerability in Samsung Mobile Devices

SamFAIL: Root Privilege Vulnerability in Samsung Mobile Devices

CVE-2017-18649 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

An issue was discovered on Samsung mobile devices with N(7.x) software. An attacker can boot a device with root privileges because the bootloader for the Qualcomm MSM8998 chipset lacks an integrity check of the system image, aka the "SamFAIL" issue. The Samsung ID is SVE-2017-10465 (November 2017).

Learn more about our Cis Benchmark Audit For Mobile Devices.