What is CVE-2019-20601?

CVE-2019-20601 is a high-severity vulnerability in Google Android, classified under Out-of-bounds Write. CVSS score: 7.5/10. Published 2020-03-24.

How severe is CVE-2019-20601?

High severity. CVSS v3 base score is 7.5 out of 10.

Buffer overflow in Google Android

CVE-2019-20601

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos7570, 7580, 7870, 7880, and 8890 chipsets) software. RKP memory corruption causes an arbitrary write to protected memory. The Samsung ID is SVE-2019-1…

Vulnerability class: Buffer Overflow

EPSS: 0.003 (26.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N.

Affected products

Google Android — versions 7.0, 7.1.0, 7.1.1
Samsung Exynos_7570
Samsung Exynos_7580
Samsung Exynos_7870
Samsung Exynos_7880
Samsung Exynos_8890
N/a — versions n/a

Weakness classification (CWE)

CWE-787 — Out-of-bounds Write

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2019-20601?: CVE-2019-20601 is a high-severity vulnerability in Google Android, classified under Out-of-bounds Write. CVSS score: 7.5/10. Published 2020-03-24.
How severe is CVE-2019-20601?: High severity. CVSS v3 base score is 7.5 out of 10.