CVE-2018-21070

HIGH

Samsung N/O - Privilege Escalation

Title source: llm

Description

An issue was discovered on Samsung mobile devices with N(7.x), O(8.0) devices (MSM8998 or SDM845 chipsets) software. An attacker can bypass Secure Boot and obtain root access because of a missing Bootloader integrity check. The Samsung ID is SVE-2018-11552 (May 2018).

References (1)

[Vendor Advisory] https://security.samsungmobile.com/securityUpdate.smsb

Scores

CVSS v3 8.4

EPSS 0.0001

EPSS Percentile 0.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-354

Status published

Products (5)

google/android 7.0

google/android 7.1.0

google/android 7.1.1

google/android 7.1.2

google/android 8.0

Published Apr 08, 2020

Tracked Since Feb 18, 2026