Quram Image Codec Library Vulnerability: Memory Overwrite and Arbitrary Code Execution on Samsung Mobile Devices (SVE-2020-16943)

Quram Image Codec Library Vulnerability: Memory Overwrite and Arbitrary Code Execution on Samsung Mobile Devices (SVE-2020-16943)

CVE-2020-12751 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

An issue was discovered on Samsung mobile devices with O(8.X), P(9.0), and Q(10.0) software. The Quram image codec library allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding. The Samsung ID is SVE-2020-16943 (May 2020).

Learn more about our Cis Benchmark Audit For Mobile Devices.