Arbitrary Memory Overwrite Vulnerability in Samsung Mobile Devices (SVE-2019-14651, SVE-2019-14666)

CVE-2019-20537 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue was discovered on Samsung mobile devices with P(9.0) (TEEGRIS and Qualcomm chipsets). There is arbitrary memory overwrite in the SEM Trustlet, leading to arbitrary code execution. The Samsung IDs are SVE-2019-14651, SVE-2019-14666 (November 2019).

Learn more about our Cis Benchmark Audit For Mobile Devices.