Vulnerabilities > CVE-2019-12087 - Resource Management Errors vulnerability in Samsung S10 Firmware, S9+ Firmware and Xcover 4 Firmware

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

samsung

CWE-399

NVD

Published: 2019-05-14

Updated: 2024-04-11

Summary

Samsung S9+, S10, and XCover 4 P(9.0) devices can become temporarily inoperable because of an unprotected intent in the ContainerAgent application. For example, the victim becomes stuck in a launcher with their Secure Folder locked. NOTE: the researcher mentions "the Samsung Security Team considered this issue as no/little security impact.

Vulnerable Configurations

Part	Description	Count
OS	Samsung Samsung S9+ Firmware - Samsung S10 Firmware - Samsung Xcover 4 Firmware -	3
Hardware	Samsung Samsung S9+ - Samsung S10 - Samsung Xcover 4 -	3

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

https://github.com/fs0c131y/SamsungLocker