CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-10500

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of push messages. The issue lies in the ability to start an activity with controlled arguments. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5331.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.2%

CVSS Severity

CVSS v3 Score 7.0

CVSS v2 Score 4.4

References

Products affected by CVE-2018-10500

Samsung » Galaxy Apps » Version: N/A

cpe:2.3:a:samsung:galaxy_apps:-
Samsung » Galaxy Apps » Version: 3.1.08.0

cpe:2.3:a:samsung:galaxy_apps:3.1.08.0
Samsung » Galaxy Apps » Version: 4.2.06-16

cpe:2.3:a:samsung:galaxy_apps:4.2.06-16
Samsung » Galaxy Apps » Version: 4.2.08-47

cpe:2.3:a:samsung:galaxy_apps:4.2.08-47
Samsung » Galaxy Apps » Version: 4.2.10-11

cpe:2.3:a:samsung:galaxy_apps:4.2.10-11
Samsung » Galaxy Apps » Version: 4.2.11-1

cpe:2.3:a:samsung:galaxy_apps:4.2.11-1
Samsung » Galaxy Apps » Version: 4.2.12.42

cpe:2.3:a:samsung:galaxy_apps:4.2.12.42
Samsung » Galaxy Apps » Version: 4.2.12.50

cpe:2.3:a:samsung:galaxy_apps:4.2.12.50
Samsung » Galaxy Apps » Version: 4.2.12.51

cpe:2.3:a:samsung:galaxy_apps:4.2.12.51
Samsung » Galaxy Apps » Version: 4.2.14.12

cpe:2.3:a:samsung:galaxy_apps:4.2.14.12
Samsung » Galaxy Apps » Version: 4.2.15.1

cpe:2.3:a:samsung:galaxy_apps:4.2.15.1
Samsung » Galaxy Apps » Version: 4.2.16.1

cpe:2.3:a:samsung:galaxy_apps:4.2.16.1
Samsung » Galaxy Apps » Version: 4.2.16.5

cpe:2.3:a:samsung:galaxy_apps:4.2.16.5
Samsung » Galaxy Apps » Version: 4.2.18.2

cpe:2.3:a:samsung:galaxy_apps:4.2.18.2
Samsung » Galaxy Apps » Version: 4.2.19.3

cpe:2.3:a:samsung:galaxy_apps:4.2.19.3
Samsung » Galaxy Apps » Version: 4.2.20.7

cpe:2.3:a:samsung:galaxy_apps:4.2.20.7
Samsung » Galaxy Apps » Version: 4.2.21.1

cpe:2.3:a:samsung:galaxy_apps:4.2.21.1
Samsung » Galaxy Apps » Version: 4.2.22.2

cpe:2.3:a:samsung:galaxy_apps:4.2.22.2
Samsung » Galaxy Apps » Version: 4.2.24.2

cpe:2.3:a:samsung:galaxy_apps:4.2.24.2
Samsung » Galaxy Apps » Version: 4.2.25.9

cpe:2.3:a:samsung:galaxy_apps:4.2.25.9
Samsung » Galaxy Apps » Version: 4.3.0.2

cpe:2.3:a:samsung:galaxy_apps:4.3.0.2
Samsung » Galaxy Apps » Version: 4.3.01.7

cpe:2.3:a:samsung:galaxy_apps:4.3.01.7
Samsung » Galaxy Apps » Version: 4.3.01.9

cpe:2.3:a:samsung:galaxy_apps:4.3.01.9
Samsung » Galaxy Apps » Version: 4.3.017

cpe:2.3:a:samsung:galaxy_apps:4.3.017
Samsung » Galaxy Apps » Version: 4.4.01.7

cpe:2.3:a:samsung:galaxy_apps:4.4.01.7
Samsung » Galaxy Apps » Version: 4.4.03.8

cpe:2.3:a:samsung:galaxy_apps:4.4.03.8
Samsung » Galaxy Apps » Version: 4.4.03.9

cpe:2.3:a:samsung:galaxy_apps:4.4.03.9
Samsung » Galaxy Apps » Version: 4.5.01.7

cpe:2.3:a:samsung:galaxy_apps:4.5.01.7
Samsung » Galaxy Apps » Version: 4.5.01.9

cpe:2.3:a:samsung:galaxy_apps:4.5.01.9
Samsung » Galaxy Apps » Version: 4.5.02.2

cpe:2.3:a:samsung:galaxy_apps:4.5.02.2
Samsung » Galaxy Apps » Version: 4.5.02.5

cpe:2.3:a:samsung:galaxy_apps:4.5.02.5
Samsung » Galaxy Apps » Version: 4.5.02.6

cpe:2.3:a:samsung:galaxy_apps:4.5.02.6
Samsung » Galaxy Apps » Version: 4.5.05.5

cpe:2.3:a:samsung:galaxy_apps:4.5.05.5
Samsung » Galaxy Apps » Version: 4.5.07.2

cpe:2.3:a:samsung:galaxy_apps:4.5.07.2
Samsung » Galaxy Apps » Version: 4.5.09.3

cpe:2.3:a:samsung:galaxy_apps:4.5.09.3
Samsung » Galaxy Apps » Version: 5.1.01.8

cpe:2.3:a:samsung:galaxy_apps:5.1.01.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-10500

Products

Pricing

Contact Us