Samsung: >> Galaxy Store >> 4.5.32.4 Security Vulnerabilities
Improper input validation vulnerability in InstallAgent in Galaxy Store prior to version 4.5.41.8 allows attacker to overwrite files stored in a specific path. The patch adds proper protection to prevent overwrite to existing files.
CVSS Score
6.2
EPSS Score
0.001
Published
2022-05-03
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local attackers to access privileged content providers as Galaxy Store permission.
CVSS Score
6.8
EPSS Score
0.001
Published
2022-04-11
Path traversal vulnerability in unzip method of InstallAgentCommonHelper in Galaxy store prior to version 4.5.40.5 allows attacker to access the file of Galaxy store.
CVSS Score
6.2
EPSS Score
0.003
Published
2022-04-11
Improper access control vulnerability in Galaxy Store prior to version 4.5.36.4 allows attacker to install applications from Galaxy Store without user interactions.
CVSS Score
5.9
EPSS Score
0.001
Published
2022-04-11
Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app installation of the allowlist.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-01-10
Page 3