Overview
- Description
- An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 980, 9820, and 9830 chipsets) software. The NPU driver allows attackers to execute arbitrary code because of unintended write and read operations on memory. The Samsung ID is SVE-2020-18610 (November 2020).
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-787
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854"
},
{
"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0D8701B6-6989-44D1-873A-A1823BFD7CCC"
},
{
"criteria": "cpe:2.3:h:samsung:exynos_9820:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1B8C35DE-1C58-4C6E-BB15-0E3C2FECB8DA"
},
{
"criteria": "cpe:2.3:h:samsung:exynos_9830:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CC599902-095F-411E-B112-1BA9A643C6C9"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]