An issue was discovered in DirEncryptService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a privileged action via a modified intent. The Samsung ID is SVE-2020-18034 (October 2020).
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26601
Reference (s):
- https://security.samsungmobile.com/securityUpdate.smsb