Samsung: Security Vulnerabilities
Use of implicit intent for sensitive communication in SmartThings prior to version 1.8.21 allows local attackers to get sensitive information.
CVSS Score
4.0
EPSS Score
0.0
Published
2024-12-03
Out-of-bounds write in libswmfextractor.so prior to SMR Dec-2024 Release 1 allows local attackers to execute arbitrary code.
CVSS Score
5.9
EPSS Score
0.0
Published
2024-12-03
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300. The baseband software does not properly check the length specified by the CC (Call Control). This can lead to an Out-of-Bounds write.
CVSS Score
8.1
EPSS Score
0.003
Published
2024-12-02
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, Modem 5123, and Modem 5300. The baseband software does not properly check the length specified by the MM (Mobility Management) module, which can lead to Denial of Service.
CVSS Score
7.0
EPSS Score
0.003
Published
2024-12-02
Out-of-bounds write in usb driver prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for triggering this vulnerability.
CVSS Score
6.4
EPSS Score
0.001
Published
2024-11-06
Out-of-bounds write in Battery Full Capacity node prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for triggering this vulnerability.
CVSS Score
6.4
EPSS Score
0.001
Published
2024-11-06
Improper input validation in Dressroom prior to SMR Nov-2024 Release 1 allow physical attackers to access data across multiple user profiles.
CVSS Score
4.6
EPSS Score
0.001
Published
2024-11-06
Improper access control in Samsung Voice Recorder prior to version 21.5.40.37 allows physical attackers to access recording files on the lock screen.
CVSS Score
4.6
EPSS Score
0.002
Published
2024-11-06
Improper Access Control in Samsung Video Player prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows physical attackers to access video file of other users.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-11-06
Improper authentication in Private Info in Samsung Pass in prior to version 4.4.04.7 allows physical attackers to access sensitive information in a specific scenario.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-11-06