Vulnerability Details CVE-2018-20135
Samsung Galaxy Apps before 4.4.01.7 allows modification of the hostname used for load balancing on installations of applications through a man-in-the-middle attack. An attacker may trick Galaxy Apps into using an arbitrary hostname for which the attacker can provide a valid SSL certificate, and emulate the API of the app store to modify existing apps at installation time. The specific flaw involves an HTTP method to obtain the load-balanced hostname that enforces SSL only after obtaining a hostname from the load balancer, and a missing app signature validation in the application XML. An attacker can exploit this vulnerability to achieve Remote Code Execution on the device. The Samsung ID is SVE-2018-12071.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.7%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 6.8
References
Products affected by CVE-2018-20135
-
cpe:2.3:a:samsung:galaxy_apps:-
-
cpe:2.3:a:samsung:galaxy_apps:3.1.08.0
-
cpe:2.3:a:samsung:galaxy_apps:4.2.06-16
-
cpe:2.3:a:samsung:galaxy_apps:4.2.08-47
-
cpe:2.3:a:samsung:galaxy_apps:4.2.10-11
-
cpe:2.3:a:samsung:galaxy_apps:4.2.11-1
-
cpe:2.3:a:samsung:galaxy_apps:4.2.12.42
-
cpe:2.3:a:samsung:galaxy_apps:4.2.12.50
-
cpe:2.3:a:samsung:galaxy_apps:4.2.12.51
-
cpe:2.3:a:samsung:galaxy_apps:4.2.14.12
-
cpe:2.3:a:samsung:galaxy_apps:4.2.15.1
-
cpe:2.3:a:samsung:galaxy_apps:4.2.16.1
-
cpe:2.3:a:samsung:galaxy_apps:4.2.16.5
-
cpe:2.3:a:samsung:galaxy_apps:4.2.18.2
-
cpe:2.3:a:samsung:galaxy_apps:4.2.19.3
-
cpe:2.3:a:samsung:galaxy_apps:4.2.20.7
-
cpe:2.3:a:samsung:galaxy_apps:4.2.21.1
-
cpe:2.3:a:samsung:galaxy_apps:4.2.22.2
-
cpe:2.3:a:samsung:galaxy_apps:4.2.24.2
-
cpe:2.3:a:samsung:galaxy_apps:4.2.25.9
-
cpe:2.3:a:samsung:galaxy_apps:4.3.0.2
-
cpe:2.3:a:samsung:galaxy_apps:4.3.01.7
-
cpe:2.3:a:samsung:galaxy_apps:4.3.01.9
-
cpe:2.3:a:samsung:galaxy_apps:4.3.017