CVE-2019-20560

CRITICAL

Samsung Android O(8.x) and P(9.0) - Out-of-bounds Write in BIOSUB Trustlet

Title source: llm
STIX 2.1

Description

An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. The BIOSUB Trustlet has an out of bounds write. The Samsung ID is SVE-2019-15261 (October 2019).

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
https://security.samsungmobile.com/securityUpdate.smsb

Scores

CVSS v3 9.8
EPSS 0.0047
EPSS Percentile 37.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (3)
google/android 8.0
google/android 8.1
google/android 9.0
Published Mar 24, 2020
Tracked Since Feb 18, 2026