Arbitrary Code Execution Vulnerability in Samsung Mobile Devices with Exynos Chipsets (SVE-2018-12855)

Arbitrary Code Execution Vulnerability in Samsung Mobile Devices with Exynos Chipsets (SVE-2018-12855)

CVE-2018-21052 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is incorrect usage of shared memory in the vaultkeeper Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12855 (October 2018).

Learn more about our Cis Benchmark Audit For Mobile Devices.