CVE-2019-20610

An issue was discovered on Samsung mobile devices with N(7.X) and O(8.X) (Exynos 7570, 7870, 7880, 7885, 8890, 8895, and 9810 chipsets) software. A double-fetch vulnerability in Trustlet allows arbitrary TEE code execution. The Samsung ID is SVE-2019-13910 (April 2019).
References
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*
OR cpe:2.3:h:samsung:exynos_7570:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_7870:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_7880:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_7885:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_8890:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_8895:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9810:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-03-24 20:15

Updated : 2024-02-28 17:47


NVD link : CVE-2019-20610

Mitre link : CVE-2019-20610

CVE.ORG link : CVE-2019-20610


JSON object : View

Products Affected

samsung

  • exynos_9810
  • exynos_7570
  • exynos_7880
  • exynos_8895
  • exynos_7885
  • exynos_8890
  • exynos_7870

google

  • android
CWE
CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition