Samsung December 2020 Update – Fixes Critical Bugs

Home/Mobile Security/Samsung December 2020 Update – Fixes Critical Bugs

Samsung December 2020 Update – Fixes Critical Bugs

Samsung’s Android December security updates are rolling out to mobile devices to patch security vulnerabilities.

High-Security Vulnerabilities — Android

This week, Android had published their December 2020 Security Updates bulletin for the operating system and related components, also impacting the latest devices.

As observed by BleepingComputer, Samsung Galaxy devices are automatically pulling updates that have “security patch level” dated “2020-12-01.”

Samsung Galaxy Android December 2020 updates
Source: BleepingComputer

Importantly, in this update the vulnerabilities addressed as Critical or High severity rating, making this update a must for Android users to remain protected.

The list of vulnerabilities patched by this update, which could lead to attacks — RCE, Privilege escalation, and Denial of Service (DoS), includes:

Framework

CVEReferencesTypeSeverityUpdated AOSP versions
CVE-2020-0099A-141745510EoPHigh8.0, 8.1, 9, 10
CVE-2020-0294A-154915372EoPHigh8.0, 8.1, 9, 10
CVE-2020-0440A-162627132 [2]EoPHigh11
CVE-2020-0459A-159373687 [2] [3] [4] [5]IDHigh8.0, 8.1, 9, 10
CVE-2020-0464A-150371903 [2]IDHigh10
CVE-2020-0467A-168500792IDHigh8.1, 9, 10, 11
CVE-2020-0468A-158484422IDHigh10, 11
CVE-2020-0469A-168692734DoSHigh11

Media Framework

CVEReferencesTypeSeverityUpdated AOSP versions
CVE-2020-0458A-160265164 [2]RCECritical8.0, 8.1, 9, 10
CVE-2020-0470A-166268541IDHigh10, 11

System

CVEReferencesTypeSeverityUpdated AOSP versions
CVE-2020-0460A-163413737IDHigh11
CVE-2020-0463A-169342531IDHigh8.0, 8.1, 9, 10, 11
CVE-2020-15802A-158854097IDHigh8.0, 8.1, 9, 10, 11

Recommendations:

The flaws impact components like Framework and System could allow sensitive information disclosure and user interaction bypass.

However, this could lead attackers to gain access to vulnerable devices without the user’s permission.

And, The high and critical severity vulnerabilities to be fixed by the “2020-12-05 security patch” could be still exploitable.

It is Highly recommended for user’s to update their Android devices immediately.

Also, Ensure the “auto-update” settings enabled.

By | 2020-12-12T22:50:57+05:30 December 12th, 2020|Mobile Security|

About the Author:

FirstHackersNews- Identifies Security

Leave A Comment

Subscribe to our newsletter to receive security tips everday!