Samsung Mobile Out-of-Bounds Read Vulnerability in secfr Trustlet Allowing Privileged Memory Access

Vulnerability

An out-of-bounds read vulnerability has been identified in enrollment with the cdsp frame in the secfr trustlet on Samsung Mobile devices running Android 13, 14, and 15 prior to the April 2025 Security Maintenance Release. It allows local privileged attackers to read memory outside the intended bounds, potentially leading to unauthorized access to sensitive information or memory corruption.

Impact

Exploitation of this vulnerability allows local privileged attackers to read out-of-bounds memory, which could lead to information disclosure or memory corruption.

Remediation

Users can apply the April 2025 Security Maintenance Release to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 2.8
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.