cve/2020/CVE-2020-25048.md

### [CVE-2020-25048](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25048)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

An issue was discovered on Samsung mobile devices with Q(10.0) (with ONEUI 2.1) software. In the Lockscreen state, the Quick Share feature allows unauthenticated downloads, aka file injection. The Samsung ID is SVE-2020-17760 (August 2020).

### POC

#### Reference
- https://security.samsungmobile.com/securityUpdate.smsb
- https://security.samsungmobile.com/securityUpdate.smsb

#### Github
- https://github.com/Hritikpatel/InsecureTrust_Bank
- https://github.com/Hritikpatel/SecureTrust_Bank
- https://github.com/futehc/tust5
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2020-25048](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25048)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`An issue was discovered on Samsung mobile devices with Q(10.0) (with ONEUI 2.1) software. In the Lockscreen state, the Quick Share feature allows unauthenticated downloads, aka file injection. The Samsung ID is SVE-2020-17760 (August 2020).`

			`### POC`

			`#### Reference`
			`- https://security.samsungmobile.com/securityUpdate.smsb`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://security.samsungmobile.com/securityUpdate.smsb`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00
			`#### Github`
			`- https://github.com/Hritikpatel/InsecureTrust_Bank`
			`- https://github.com/Hritikpatel/SecureTrust_Bank`
			`- https://github.com/futehc/tust5`