CVE-2024-20821

Summary

A vulnerability possible to reconfigure OTP allows local attackers to transit RMA(Return Merchandise Authorization) mode, which disables security features. This attack needs additional privilege to control TEE.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Mobile DevicesGalaxy S24unaffected

Weaknesses

  • CWE-1326: Missing Immutable Root of Trust in Hardware

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References