Sign-up

ID

VAR-202003-1023


CVE

CVE-2019-20539


TITLE

Samsung Out-of-bounds read vulnerabilities on mobile devices

Trust: 0.8

sources: JVNDB: JVNDB-2019-015186

DESCRIPTION

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Broadcom chipsets) software. An out-of-bounds Read in the Wi-Fi vendor command leads to an information leak. The Samsung ID is SVE-2019-14869 (November 2019). This vulnerability is Samsung ID: SVE-2019-14869 It is published as.Information may be obtained

Trust: 1.62

sources: NVD: CVE-2019-20539 // JVNDB: JVNDB-2019-015186

IOT TAXONOMY

category:['vehicle device']sub_category:mobile device

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:googlemodel:androidscope:eqversion:7.1.1

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:8.0

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:8.1

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:9.0

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:7.0

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:7.1.2

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:7.1.0

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:n(7.x)

Trust: 0.8

vendor:googlemodel:androidscope:eqversion:o(8.x)

Trust: 0.8

vendor:googlemodel:androidscope:eqversion:p(9.0)

Trust: 0.8

sources: JVNDB: JVNDB-2019-015186 // NVD: CVE-2019-20539

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-20539
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2019-015186
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202003-1382
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2019-20539
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2019-015186
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

nvd@nist.gov: CVE-2019-20539
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: JVNDB-2019-015186
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2019-015186 // CNNVD: CNNVD-202003-1382 // NVD: CVE-2019-20539

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.8

sources: JVNDB: JVNDB-2019-015186 // NVD: CVE-2019-20539

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202003-1382

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202003-1382

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-015186

PATCH
title:Top Pageurl:https://www.android.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2019-015186

EXTERNAL IDS
db:NVDid:CVE-2019-20539
Trust: 2.5
db:JVNDBid:JVNDB-2019-015186
Trust: 0.8
db:CNNVDid:CNNVD-202003-1382
Trust: 0.6
db:OTHERid:NONE
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            JVNDB: JVNDB-2019-015186 // 
            
            
            
            CNNVD: CNNVD-202003-1382 // 
            
            
            
            NVD: CVE-2019-20539

REFERENCES
url:https://security.samsungmobile.com/securityupdate.smsb
Trust: 2.4
url:https://nvd.nist.gov/vuln/detail/cve-2019-20539
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-20539
Trust: 0.8
url:https://ieeexplore.ieee.org/abstract/document/10769424
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            JVNDB: JVNDB-2019-015186 // 
            
            
            
            CNNVD: CNNVD-202003-1382 // 
            
            
            
            NVD: CVE-2019-20539

SOURCES
db:OTHERid: - 
db:JVNDBid:JVNDB-2019-015186
db:CNNVDid:CNNVD-202003-1382
db:NVDid:CVE-2019-20539

LAST UPDATE DATE
2025-01-30T21:14:59.590000+00:00

SOURCES UPDATE DATE
db:JVNDBid:JVNDB-2019-015186date:2020-04-15T00:00:00
db:CNNVDid:CNNVD-202003-1382date:2020-12-31T00:00:00
db:NVDid:CVE-2019-20539date:2024-11-21T04:38:42.247

SOURCES RELEASE DATE
db:JVNDBid:JVNDB-2019-015186date:2020-04-15T00:00:00
db:CNNVDid:CNNVD-202003-1382date:2020-03-24T00:00:00
db:NVDid:CVE-2019-20539date:2020-03-24T18:15:13.747