Samsung has fixed security issues on its Android devices

Samsung started releasing the Σεπτεμβρίου στις Android συσκευές της, για να διορθώσει κρίσιμες αδυναμίες ασφαλείας στο its system and improve the overall capabilities on its devices.

This week the released the September 2020 Android security updates, which include several security updates to the code for critical vulnerabilities affecting the latest devices.

As noted, Samsung Galaxy devices started updating automatically today, September 10th.

These updates include many improvements to Wi-Fi connectivity, the Samsung Keyboard, and the Messaging app, along with some important security fixes. There are also optimizations to the Pro Video capability of the camera.

All of the vulnerabilities addressed in this update have been rated with either “High” or “Critical” severity, making the update essential for of the company so that their devices remain secure.

One of the most critical vulnerabilities is CVE-2020-0245, which affects the Media Framework component and allows both remote code execution and the disclosure of important information.

Other notable vulnerabilities that are fixed in this update include:

Framework

CVE References Type Severity Updated AOSP versions
CVE-2020-0074 A-146204120 EoP High 8.0, 8.1, 9, 10
CVE-2020-0388 A-156123285 EoP High 10
CVE-2020-0391 A-158570769 EoP High 9, 10
CVE-2020-0401 A-150857253 EoP High 8.0, 8.1, 9, 10
CVE-2020-0382 A-152944488 ID High 10
CVE-2020-0389 A-156959408 ID High 10
CVE-2020-0390 A-157598026 ID High 10
CVE-2020-0395 A-154124307 ID High 8.0, 8.1, 9, 10
CVE-2020-0397 A-155092443 ID High 8.0, 8.1, 9, 10
CVE-2020-0399 A-153993591 ID High 8.0, 8.1, 9, 10

Media Framework

CVE References Type Severity Updated AOSP versions
CVE-2020-0245 A-152496149 ID High 10
RCE 8.0, 8.1, 9
CVE-2020-0392 A-150226608 EoP High 9, 10
CVE-2020-0381 A-150159669 ID High 8.0, 8.1, 9, 10
CVE-2020-0383 A-150160279 ID High 8.0, 8.1, 9, 10
CVE-2020-0384 A-150159906 ID High 8.0, 8.1, 9, 10
CVE-2020-0385 A-150160041 ID High 8.0, 8.1, 9, 10
CVE-2020-0393 A-154123412 ID High 9, 10

System

CVE References Type Severity Updated AOSP versions
CVE-2020-0380 A-146398979 RCE Critical 8.0, 8.1, 9, 10
CVE-2020-0396 A-155094269 ID Critical 8.0, 8.1, 9, 10
CVE-2020-0386 A-155650356 EoP High 8.0, 8.1, 9, 10
CVE-2020-0394 A-155648639 EoP High 8.0, 8.1, 9, 10
CVE-2020-0379 A-150156492 ID High 8.0, 8.1, 9, 10

On select Samsung Galaxy devices, the updates pushed out this week are dated “2020-09-01”. This implies that vulnerabilities (EoP) of high severity that must be patched by “ 2020-09-05” are still exploitable.

Just one of these vulnerabilities, CVE-2020-0402, for example, can allow a user to gain privileges on a device so that they are able to unlock it and have in the file system.

It is recommended that you update your devices immediately, which will happen automatically if you have the "auto-update" settings enabled.

A full description of the improvements can be found at site of Samsung.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).