Improper authorization vulnerability in Tizen factory reset policy prior to Firmware update JUL-2021 Release allows untrusted applications to perform factory reset using dbus signal.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-07-08
Improper input validation vulnerability in Tizen bootloader prior to Firmware update JUL-2021 Release allows arbitrary code execution using param partition in wireless firmware download mode.
CVSS Score
9.8
EPSS Score
0.011
Published
2021-07-08
Improper input validation vulnerability in Tizen bootloader prior to Firmware update JUL-2021 Release allows arbitrary code execution using recovery partition in wireless firmware download mode.
CVSS Score
9.8
EPSS Score
0.011
Published
2021-07-08
Improper input validation vulnerability in Tizen FOTA service prior to Firmware update JUL-2021 Release allows arbitrary code execution via Samsung Accessory Protocol.
CVSS Score
9.8
EPSS Score
0.011
Published
2021-07-08
Improper access control vulnerability in Tizen FOTA service prior to Firmware update JUL-2021 Release allows attackers to arbitrary code execution by replacing FOTA update file.
CVSS Score
9.8
EPSS Score
0.008
Published
2021-07-08
The pkgmgr system service in Tizen allows an unprivileged process to perform package management actions, due to improper D-Bus security policy configurations. Such actions include installing, decrypting, and killing other packages. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
CVSS Score
8.8
EPSS Score
0.002
Published
2020-01-22
The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
CVSS Score
8.8
EPSS Score
0.001
Published
2020-01-22
The BlueZ system service in Tizen allows an unprivileged process to partially control Bluetooth or acquire sensitive information, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-01-22
The bt/bt_core system service in Tizen allows an unprivileged process to create a system user interface and control the Bluetooth pairing process, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-01-22
The Enlightenment system service in Tizen allows an unprivileged process to fully control or capture windows, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
CVSS Score
8.1
EPSS Score
0.002
Published
2020-01-22
Page 1