Samsung: Security Vulnerabilities
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
CVSS Score
6.5
EPSS Score
0.013
Published
2021-05-11
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
CVSS Score
6.5
EPSS Score
0.058
Published
2021-05-11
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.
CVSS Score
5.3
EPSS Score
0.01
Published
2021-05-11
Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-04-09
An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account.
CVSS Score
8.6
EPSS Score
0.076
Published
2021-04-09
Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment.
CVSS Score
6.5
EPSS Score
0.004
Published
2021-04-09
An improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in certain mailbox in plain text when STARTTLS negotiation is failed.
CVSS Score
3.1
EPSS Score
0.002
Published
2021-04-09
Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action.
CVSS Score
3.3
EPSS Score
0.0
Published
2021-04-09
Improper access control of certain port in SmartThings prior to version 1.7.63.6 allows remote temporary denial of service.
CVSS Score
4.3
EPSS Score
0.004
Published
2021-04-09
Intent redirection vulnerability in Gallery prior to version 5.4.16.1 allows attacker to execute privileged action.
CVSS Score
4.0
EPSS Score
0.001
Published
2021-04-09