Details of VAR-202002-1712

ID

VAR-202002-1712

TITLE

(Pwn2Own) Samsung Galaxy S10 Out-Of-Bounds Write Remote Code Execution Vulnerability

Trust: 0.7

sources: ZDI: ZDI-20-253

DESCRIPTION

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S10. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of arrays in JSCallReducer::ReduceArrayMap. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process.

Trust: 0.7

sources: ZDI: ZDI-20-253

AFFECTED PRODUCTS

vendor:

samsung

model:

galaxy s10

scope:

version:

Trust: 0.7

sources: ZDI: ZDI-20-253

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	ZDI-20-253
value:	MEDIUM
Trust: 0.7

ZDI:	ZDI-20-253
baseSeverity:	MEDIUM
baseScore:	6.3
vectorString:	AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	2.8
impactScore:	3.4
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-20-253

EXTERNAL IDS

db:	ZDI_CAN	id:	ZDI-CAN-9654	Trust: 0.7
db:	ZDI	id:	ZDI-20-253	Trust: 0.7

sources: ZDI: ZDI-20-253

CREDITS

@fluoroacetate

Trust: 0.7

sources: ZDI: ZDI-20-253

SOURCES

db:

ZDI

id:

ZDI-20-253

LAST UPDATE DATE

2022-05-17T01:45:06.168000+00:00

SOURCES UPDATE DATE

db:

ZDI

id:

ZDI-20-253

date:

2020-02-21T00:00:00

SOURCES RELEASE DATE

db:

ZDI

id:

ZDI-20-253

date:

2020-02-20T00:00:00