CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-18649

An issue was discovered on Samsung mobile devices with N(7.x) software. An attacker can boot a device with root privileges because the bootloader for the Qualcomm MSM8998 chipset lacks an integrity check of the system image, aka the "SamFAIL" issue. The Samsung ID is SVE-2017-10465 (November 2017).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 18.4%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

https://androidcommunity.com/samfail-method-gives-root-access-to-samsung-galaxy-note-8-snapdragon-variant-20171009/
https://security.samsungmobile.com/securityUpdate.smsb
https://androidcommunity.com/samfail-method-gives-root-access-to-samsung-galaxy-note-8-snapdragon-variant-20171009/
https://security.samsungmobile.com/securityUpdate.smsb

Products affected by CVE-2017-18649

Qualcomm » Msm8998 » Version: N/A

cpe:2.3:h:qualcomm:msm8998:-
Google » Android » Version: 7.0

cpe:2.3:o:google:android:7.0
Google » Android » Version: 7.1.0

cpe:2.3:o:google:android:7.1.0
Google » Android » Version: 7.1.1

cpe:2.3:o:google:android:7.1.1
Google » Android » Version: 7.1.2

cpe:2.3:o:google:android:7.1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-18649

Products

Pricing

Contact Us