An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Sticker Center allows directory traversal for an unprivileged process to read arbitrary files. The Samsung ID is SVE-2020-18433 (October 2020).
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26603
Reference (s):
- https://security.samsungmobile.com/securityUpdate.smsb