Samsung: Security Vulnerabilities
Improper input validation vulnerability in chnactiv TA prior to SMR Jun-2024 Release 1 allows local privileged attackers lead to potential arbitrary code execution.
CVSS Score
6.4
EPSS Score
0.001
Published
2024-06-04
Improper caller verification vulnerability in SemClipboard prior to SMR June-2024 Release 1 allows local attackers to access arbitrary files.
CVSS Score
4.0
EPSS Score
0.002
Published
2024-06-04
Improper input validation in libsheifdecadapter.so prior to SMR Jun-2024 Release 1 allows local attackers to lead to memory corruption.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-06-04
Heap out-of-bound write vulnerability in parsing grid image header in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to execute arbitrary code.
CVSS Score
7.3
EPSS Score
0.002
Published
2024-06-04
Heap out-of-bound write vulnerability in parsing grid image in libsavscmn.so prior to SMR June-2024 Release 1 allows local attackers to execute arbitrary code.
CVSS Score
7.3
EPSS Score
0.002
Published
2024-06-04
Improper input validation vulnerability in caminfo driver prior to SMR Jun-2024 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVSS Score
4.2
EPSS Score
0.001
Published
2024-06-04
Improper access control vulnerability in SmartManagerCN prior to SMR Jun-2024 Release 1 allows local attackers to launch privileged activities.
CVSS Score
7.9
EPSS Score
0.001
Published
2024-06-04
An issue was discovered in Samsung Magician 8.0.0 on macOS. Because it is possible to tamper with the directory and executable files used during the installation process, an attacker can escalate privileges through arbitrary code execution. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.)
CVSS Score
6.7
EPSS Score
0.003
Published
2024-05-14
An issue was discovered in Samsung Magician 8.0.0 on macOS. Because symlinks are used during the installation process, an attacker can escalate privileges via arbitrary file permission writes. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.)
CVSS Score
6.7
EPSS Score
0.001
Published
2024-05-14
Improper input validation in Samsung Notes prior to version 4.4.15 allows local attackers to delete files with Samsung Notes privilege under certain conditions.
CVSS Score
4.4
EPSS Score
0.001
Published
2024-05-07