CVE-2025-20988

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-20988
Out-of-bounds read in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to read out-of-bounds memory.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=06
Configurations

No configuration.

History

04 Jun 2025, 14:54

Type Values Removed Values Added
Summary
  • (es) La lectura fuera de los límites en el trustlet de huellas dactilares anterior a la versión 1 de SMR de mayo de 2025 permite que atacantes privilegiados locales lean memoria fuera de los límites.

04 Jun 2025, 05:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-06-04 05:15

Updated : 2025-06-04 14:54

NVD link : CVE-2025-20988

Mitre link : CVE-2025-20988

CVE.ORG link : CVE-2025-20988

JSON object : View

Products Affected

No product.

CWE

No CWE.