cve/2020/CVE-2020-25048.md

CVE-2020-25048

Description

An issue was discovered on Samsung mobile devices with Q(10.0) (with ONEUI 2.1) software. In the Lockscreen state, the Quick Share feature allows unauthenticated downloads, aka file injection. The Samsung ID is SVE-2020-17760 (August 2020).

POC

Reference

• https://security.samsungmobile.com/securityUpdate.smsb
• https://security.samsungmobile.com/securityUpdate.smsb

Github

• https://github.com/Hritikpatel/InsecureTrust_Bank
• https://github.com/Hritikpatel/SecureTrust_Bank
• https://github.com/futehc/tust5