Vulnerability in Samsung Mobile Devices Affects Secure Folder Functionality
CVE-2018-9142

7HIGH

Key Information:

Vendor: Samsung
Status: Samsung Mobile
Vendor: CVE Published:; 30 March 2018

What is CVE-2018-9142?

On Samsung mobile devices running N(7.x) software, a vulnerability enables attackers to bypass signature verification and install arbitrary APKs in the Secure Folder SD Card area. This flaw, attributed to faulty validation of both package signature and package name, exposes users to potential security risks, including unauthorized access to sensitive data.

References

https://security.samsungmobile.com/securityUpdate.smsb

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 30, 2018
Vulnerability Reserved
Mar 30, 2018