Improper Configuration in Samsung GPS Daemon Allows Location Information Leakage (SVE-2020-18678)

Improper Configuration in Samsung GPS Daemon Allows Location Information Leakage (SVE-2020-18678)

CVE-2020-35552 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

An issue was discovered in the GPS daemon on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (non-Qualcomm chipsets) software. Attackers can obtain sensitive location information because the configuration file is incorrect. The Samsung ID is SVE-2020-18678 (December 2020).

Learn more about our Cis Benchmark Audit For Mobile Devices.