Details of VAR-202002-1367

ID

VAR-202002-1367

CVE

CVE-2020-8860

TITLE

Samsung Galaxy S10 Firmware device Exynos Out-of-bounds write vulnerabilities in chipsets

Trust: 0.8

sources: JVNDB: JVNDB-2020-002500

DESCRIPTION

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S10 Firmware G973FXXS3ASJA, O(8.x), P(9.0), Q(10.0) devices with Exynos chipsets. User interaction is required to exploit this vulnerability in that the target must answer a phone call. The specific flaw exists within the Call Control Setup messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the baseband processor. Was ZDI-CAN-9658. Zero Day Initiative To this vulnerability ZDI-CAN-9658 Was numbered.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Samsung Galaxy 10 is a smartphone from Samsung in South Korea. The Call Control Setup message in Samsung Galaxy 10 has a buffer overflow vulnerability. The vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, causing incorrect read and write operations to be performed on other associated memory locations. An attacker could use this vulnerability to cause a buffer overflow or heap overflow

Trust: 2.79

sources: NVD: CVE-2020-8860 // JVNDB: JVNDB-2020-002500 // ZDI: ZDI-20-255 // CNVD: CNVD-2020-13142

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-13142

AFFECTED PRODUCTS

vendor:	google	model:	android	scope:	eq	version:	10.0	Trust: 2.4
vendor:	google	model:	android	scope:	eq	version:	9.0	Trust: 2.4
vendor:	google	model:	android	scope:	eq	version:	8.1	Trust: 1.6
vendor:	google	model:	android	scope:	eq	version:	8.0	Trust: 1.6
vendor:	samsung	model:	galaxy s10	scope:	-	version:	-	Trust: 1.3
vendor:	google	model:	android	scope:	eq	version:	8.x	Trust: 0.8
vendor:	samsung	model:	galaxy	scope:	eq	version:	10	Trust: 0.6

sources: ZDI: ZDI-20-255 // CNVD: CNVD-2020-13142 // JVNDB: JVNDB-2020-002500 // CNNVD: CNNVD-202002-1023 // NVD: CVE-2020-8860

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-8860
value:	HIGH
Trust: 1.0
zdi-disclosures@trendmicro.com:	CVE-2020-8860
value:	HIGH
Trust: 1.0
NVD:	JVNDB-2020-002500
value:	HIGH
Trust: 0.8
ZDI:	CVE-2020-8860
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2020-13142
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202002-1023
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2020-8860
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	5.5
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	JVNDB-2020-002500
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2020-13142
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:A/AC:H/AU:N/C:C/I:C/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.2
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2020-8860
baseSeverity:	HIGH
baseScore:	8.0
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.1
impactScore:	5.9
version:	3.1
Trust: 1.0
zdi-disclosures@trendmicro.com:	CVE-2020-8860
baseSeverity:	HIGH
baseScore:	7.1
vectorString:	CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	5.9
version:	3.0
Trust: 1.0
NVD:	JVNDB-2020-002500
baseSeverity:	HIGH
baseScore:	8.0
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2020-8860
baseSeverity:	HIGH
baseScore:	7.1
vectorString:	AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-20-255 // CNVD: CNVD-2020-13142 // JVNDB: JVNDB-2020-002500 // CNNVD: CNNVD-202002-1023 // NVD: CVE-2020-8860 // NVD: CVE-2020-8860

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.8
problemtype:	CWE-121	Trust: 1.0

sources: JVNDB: JVNDB-2020-002500 // NVD: CVE-2020-8860

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202002-1023

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202002-1023

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-002500

PATCH

title:	SVE-2019-16088 (Android Security Updates)	url:	https://security.samsungmobile.com/securityUpdate.smsb	Trust: 1.5
title:	Patch for Samsung Galaxy 10 buffer overflow vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/204159	Trust: 0.6
title:	Samsung Galaxy 10 Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110559	Trust: 0.6

sources: ZDI: ZDI-20-255 // CNVD: CNVD-2020-13142 // JVNDB: JVNDB-2020-002500 // CNNVD: CNNVD-202002-1023

EXTERNAL IDS

db:	NVD	id:	CVE-2020-8860	Trust: 3.7
db:	ZDI	id:	ZDI-20-255	Trust: 3.7
db:	JVNDB	id:	JVNDB-2020-002500	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-9658	Trust: 0.7
db:	CNVD	id:	CNVD-2020-13142	Trust: 0.6
db:	CNNVD	id:	CNNVD-202002-1023	Trust: 0.6

sources: ZDI: ZDI-20-255 // CNVD: CNVD-2020-13142 // JVNDB: JVNDB-2020-002500 // CNNVD: CNNVD-202002-1023 // NVD: CVE-2020-8860

REFERENCES

url:	https://www.zerodayinitiative.com/advisories/zdi-20-255/	Trust: 3.6
url:	https://security.samsungmobile.com/securityupdate.smsb	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2020-8860	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-8860	Trust: 0.8

sources: ZDI: ZDI-20-255 // CNVD: CNVD-2020-13142 // JVNDB: JVNDB-2020-002500 // CNNVD: CNNVD-202002-1023 // NVD: CVE-2020-8860

CREDITS

@fluoroacetate

Trust: 0.7

sources: ZDI: ZDI-20-255

SOURCES

db:	ZDI	id:	ZDI-20-255
db:	CNVD	id:	CNVD-2020-13142
db:	JVNDB	id:	JVNDB-2020-002500
db:	CNNVD	id:	CNNVD-202002-1023
db:	NVD	id:	CVE-2020-8860

LAST UPDATE DATE

2024-11-23T22:25:36.172000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-20-255	date:	2020-02-21T00:00:00
db:	CNVD	id:	CNVD-2020-13142	date:	2020-02-24T00:00:00
db:	JVNDB	id:	JVNDB-2020-002500	date:	2020-03-18T00:00:00
db:	CNNVD	id:	CNNVD-202002-1023	date:	2020-03-13T00:00:00
db:	NVD	id:	CVE-2020-8860	date:	2024-11-21T05:39:35.220

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-20-255	date:	2020-02-20T00:00:00
db:	CNVD	id:	CNVD-2020-13142	date:	2020-02-24T00:00:00
db:	JVNDB	id:	JVNDB-2020-002500	date:	2020-03-18T00:00:00
db:	CNNVD	id:	CNNVD-202002-1023	date:	2020-02-20T00:00:00
db:	NVD	id:	CVE-2020-8860	date:	2020-02-22T00:15:10.747