Vulnerabilities > CVE-2020-12747 - Out-of-bounds Write vulnerability in Google Android 10.0

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

google

CWE-787

critical

NVD

Published: 2020-05-11

Updated: 2020-05-13

Summary

An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos980 9630 and Exynos990 9830 chipsets) software. The Bootloader has a heap-based buffer overflow because of the mishandling of specific commands. The Samsung IDs are SVE-2020-16981, SVE-2020-16991 (May 2020).

Vulnerable Configurations

Part	Description	Count
OS	Google Google Android 10.0	1
Hardware	Samsung Samsung Exynos980(9630) - Samsung Exynos990(9830) -	2

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://security.samsungmobile.com/securityUpdate.smsb