Type Confusion Vulnerability in Samsung HDCP Trustlet Allows Arbitrary Code Execution

Type Confusion Vulnerability in Samsung HDCP Trustlet Allows Arbitrary Code Execution

CVE-2019-20584 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the HDCP Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14850 (August 2019).

Learn more about our Cis Benchmark Audit For Mobile Devices.