Shodan
Vulnerabilities
Vulnerable Software
Samsung:  Security Vulnerabilities
CVE-2024-31952
An issue was discovered in Samsung Magician 8.0.0 on macOS. Because symlinks are used during the installation process, an attacker can escalate privileges via arbitrary file permission writes. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.)
CVSS Score
6.7
EPSS Score
0.001
Published
2024-05-14
CVE-2024-20868
Improper input validation in Samsung Notes prior to version 4.4.15 allows local attackers to delete files with Samsung Notes privilege under certain conditions.
CVSS Score
4.4
EPSS Score
0.001
Published
2024-05-07
CVE-2024-20869
Improper privilege management vulnerability in Samsung Internet prior to version 25.0.0.41 allows local attackers to bypass protection for cookies.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-05-07
CVE-2024-20870
Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.71.8 allows local attackers to write arbitrary files with the privilege of Galaxy Store.
CVSS Score
5.1
EPSS Score
0.001
Published
2024-05-07
CVE-2024-20862
Out-of-bounds write in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to execute arbitrary code.
CVSS Score
6.0
EPSS Score
0.0
Published
2024-05-07
CVE-2024-20863
Out of bounds write vulnerability in SNAP in HAL prior to SMR May-2024 Release 1 allows local privileged attackers to execute arbitrary code.
CVSS Score
6.7
EPSS Score
0.001
Published
2024-05-07
CVE-2024-20864
Improper access control vulnerability in DarManagerService prior to SMR May-2024 Release 1 allows local attackers to monitor system resources.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-05-07
CVE-2024-20865
Authentication bypass in bootloader prior to SMR May-2024 Release 1 allows physical attackers to flash arbitrary images.
CVSS Score
6.6
EPSS Score
0.001
Published
2024-05-07
CVE-2024-20866
Authentication bypass vulnerability in Setupwizard prior to SMR May-2024 Release 1 allows physical attackers to skip activation step.
CVSS Score
5.7
EPSS Score
0.0
Published
2024-05-07
CVE-2024-20867
Improper privilege management vulnerability in Samsung Email prior to version 6.1.91.14 allows local attackers to access sensitive information.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-05-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved