exploitDog

CVE-2021-22494

Опубликовано: 05 янв. 2021

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

An issue was discovered in the fingerprint scanner on Samsung Note20 mobile devices with Q(10.0) software. When a screen protector is used, the required image compensation is not present. Consequently, inversion can occur during fingerprint enrollment, and a high False Recognition Rate (FRR) can occur. The Samsung ID is SVE-2020-19216 (January 2021).

Ссылки

https://security.samsungmobile.com/securityUpdate.smsb
Vendor Advisory
https://security.samsungmobile.com/securityUpdate.smsb
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*

cpe:2.3:h:samsung:galaxy_note_20:-:*:*:*:*:*:*:*

EPSS

Процентиль: 16%

0.0005

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-cff3-jr7v-m727

github

больше 3 лет назад

An issue was discovered in the fingerprint scanner on Samsung Note20 mobile devices with Q(10.0) software. When a screen protector is used, the required image compensation is not present. Consequently, inversion can occur during fingerprint enrollment, and a high False Recognition Rate (FRR) can occur. The Samsung ID is SVE-2020-19216 (January 2021).

EPSS

Процентиль: 16%

0.0005

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo