SB20200324110 - Insufficient verification of data authenticity in Google, Google Android
Published: March 24, 2020 Updated: August 8, 2020
Security Bulletin ID
SB20200324110
Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Insufficient verification of data authenticity (CVE-ID: CVE-2020-10831)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Attackers can trigger an update to arbitrary touch-screen firmware. The Samsung ID is SVE-2019-16013 (March 2020).
Remediation
Install update from vendor's website.