CVE-2020-26602

HIGH

Samsung EthernetNetwork <R - Privilege Escalation

Title source: llm

Description

An issue was discovered in EthernetNetwork on Samsung mobile devices with O(8.1), P(9.0), Q(10.0), and R(11.0) software. PendingIntent allows sdcard access by an unprivileged process. The Samsung ID is SVE-2020-18392 (October 2020).

References (1)

[Vendor Advisory] https://security.samsungmobile.com/securityUpdate.smsb

Scores

CVSS v3 7.5

EPSS 0.0012

EPSS Percentile 31.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-668

Status published

Affected Products (4)

google/android

Timeline

Published Oct 06, 2020

Tracked Since Feb 18, 2026