Samsung: Security Vulnerabilities
Improper validation of integrity check value in Blockchain Keystore prior to version 1.3.16 allows local attackers to modify transaction. Root privilege is required for triggering this vulnerability.
CVSS Score
6.7
EPSS Score
0.0
Published
2024-11-06
Improper access control in Samsung Flow prior to version 4.9.15.7 allows physical attackers to access data across multiple user profiles.
CVSS Score
4.6
EPSS Score
0.002
Published
2024-11-06
Out-of-bounds write in libsapeextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-11-06
Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege.
CVSS Score
4.0
EPSS Score
0.001
Published
2024-11-06
Use of implicit intent for sensitive communication in WlanTest prior to SMR Nov-2024 Release 1 allows local attackers to get sensitive information.
CVSS Score
4.0
EPSS Score
0.001
Published
2024-11-06
Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi password in Maintenance Mode.
CVSS Score
2.4
EPSS Score
0.002
Published
2024-11-06
Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities.
CVSS Score
5.1
EPSS Score
0.001
Published
2024-11-06
Improper Input Validation in IpcProtocol in Modem prior to SMR Nov-2024 Release 1 allows local attackers to cause Denial-of-Service.
CVSS Score
4.1
EPSS Score
0.0
Published
2024-11-06
Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles.
CVSS Score
4.6
EPSS Score
0.002
Published
2024-11-06
Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to temporarily access to unlocked screen.
CVSS Score
2.4
EPSS Score
0.002
Published
2024-11-06