Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-18690

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) (Exynos54xx, Exynos7420, Exynos8890, or Exynos8895 chipsets) software. There is a buffer overflow in the sensor hub. The Samsung ID is SVE-2016-7484 (January 2017).

Published

2020-04-07T16:15:17.510

Last Modified

2024-11-21T03:20:40.390

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Primary
CWE-120

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	google	android	4.4	Yes
Operating System	google	android	5.0	Yes
Operating System	google	android	5.1	Yes
Operating System	google	android	6.0	Yes
Operating System	google	android	7.0	Yes
Hardware	samsung	exynos_5410	-	No
Hardware	samsung	exynos_5420	-	No
Hardware	samsung	exynos_5422	-	No
Hardware	samsung	exynos_5430	-	No
Hardware	samsung	exynos_5450	-	No
Hardware	samsung	exynos_7420	-	No
Hardware	samsung	exynos_8890	-	No
Hardware	samsung	exynos_8895	-	No

References

https://security.samsungmobile.com/securityUpdate.smsb Vendor Advisory ([email protected])
https://security.samsungmobile.com/securityUpdate.smsb Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)