ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | ml-85g_gdi_printer_driver | * |
| samsung | ml-85p_printer_driver | 1.0 |
SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | data_management_server | * |
| samsung | data_management_server | 1.4.1 |
| samsung | data_management_server | 1.3.3 |
Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.157 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| chrome_os | * | |
| acer | ac700_chromebook | * |
| samsung | series_5_chromebook | * |
| cr-48_chromebook | * |
Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.125 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| chrome_os | * | |
| acer | ac700_chromebook | * |
| samsung | series_5_chromebook | * |
| cr-48_chromebook | * |
Multiple unspecified vulnerabilities in Google Chrome before 16.0.912.44 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| chrome_os | * | |
| acer | ac700_chromebook | * |
| samsung | series_5_chromebook | * |
| cr-48_chromebook | * |
Multiple unspecified vulnerabilities in Google Chrome before 16.0.912.63 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| chrome_os | * | |
| acer | ac700_chromebook | * |
| samsung | series_5_chromebook | * |
| cr-48_chromebook | * |
Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.27 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| chrome_os | * | |
| acer | ac700_chromebook | * |
| samsung | series_5_chromebook | * |
| cr-48_chromebook | * |
Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.60 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| chrome_os | * | |
| acer | ac700_chromebook | * |
| samsung | series_5_chromebook | * |
| cr-48_chromebook | * |
Multiple unspecified vulnerabilities in Google Chrome before 20.0.1132.22 on the Acer AC700; Samsung Series 5, 5 550, and Chromebox 3; and Cr-48 Chromebook platforms have unknown impact and attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| chrome_os | * | |
| samsung | series_5_550_chromebook | - |
| acer | ac700_chromebook | - |
| chrome_os | 20.0.1132.1 | |
| chrome_os | 20.0.1132.12 | |
| chrome_os | 20.0.1132.3 | |
| chrome_os | 20.0.1132.18 | |
| chrome_os | 20.0.1132.17 | |
| chrome_os | 20.0.1132.20 | |
| chrome_os | 20.0.1132.16 | |
| chrome_os | 20.0.1132.4 | |
| chrome_os | 20.0.1132.11 | |
| chrome_os | 20.0.1132.7 | |
| chrome_os | 20.0.1132.5 | |
| chrome_os | 20.0.1132.6 | |
| cr-48_chromebook | - | |
| chrome_os | 20.0.1132.8 | |
| chrome_os | 20.0.1132.19 | |
| chrome_os | 20.0.1132.15 | |
| chrome_os | 20.0.1132.10 | |
| samsung | series_5_chromebook | - |
| chrome_os | 20.0.1132.0 | |
| samsung | chromebox_3 | - |
| chrome_os | 20.0.1132.2 | |
| chrome_os | 20.0.1132.9 | |
| chrome_os | 20.0.1132.14 | |
| chrome_os | 20.0.1132.13 |
Samsung Kies Air 2.1.207051 and 2.1.210161 relies on the IP address for authentication, which allows remote man-in-the-middle attackers to read arbitrary phone contents by spoofing or controlling the IP address.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | kies_air | 2.1.210161 |
| samsung | kies_air | 2.1.207051 |
Samsung Kies Air 2.1.207051 and 2.1.210161 allows remote attackers to cause a denial of service (crash) via a crafted request to www/apps/KiesAir/jws/ssd.php.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | kies_air | 2.1.210161 |
| samsung | kies_air | 2.1.207051 |
The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices does not properly implement Location APIs, which allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer."
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsungdive | - |
The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices shows the activation of remote tracking, which might allow physically proximate attackers to defeat a product-recovery effort by tampering with this feature or its location data.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsungdive | - |
The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions (0666) for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted application, as demonstrated by ExynosAbuse.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_note_2 | - |
| meizu | mx | - |
| samsung | galaxy_s2 | - |
Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the password argument.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | kies | * |
Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent attackers to obtain sensitive information via vectors involving (1) direct access to a file or (2) the user-setup web page.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_viewer | - |
Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | dvr | - |
| samsung | smart_viewer | - |
Cross-site scripting (XSS) vulnerability in Samsung SHR-5162, SHR-5082, and possibly other models, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | shr-5162 | - |
| samsung | shr-5082 | - |
Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages without requesting permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 0.9 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s4_firmware | - |
| samsung | galaxy_s3_firmware | - |
Samsung Galaxy S3/S4 exposes an unprotected component allowing an unprivileged app to send arbitrary SMS texts to arbitrary destinations without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 0.7 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s3_firmware | 1.0 |
| samsung | galaxy_s4_firmware | 1.4 |
The DMCRUIS/0.1 web server on the Samsung PS50C7700 TV allows remote attackers to cause a denial of service (daemon crash) via a long URI to TCP port 5600.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | ps50c7700_television | - |
| samsung | ps50c7700_television_firmware | - |
Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image file, which triggers a large memory allocation.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 15.10 |
| canonical | ubuntu_linux | 14.04 |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| canonical | ubuntu_linux | 12.04 |
Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to execute arbitrary code via unspecified values to the (1) Start, (2) ChangeControlLocalName, (3) DeleteDeviceProfile, (4) FrameAdvanceReader, or other unknown method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | ipolis_device_manager | * |
Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control in Samsung iPOLiS Device Manager before 1.8.7 allows remote attackers to execute arbitrary code via a long value.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | ipolis_device_manager | * |
The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | mobile | - |
| samsung | findmymobile | - |
Stack-based buffer overflow in the BackupToAvi method in the CNC_Ctrl ActiveX control in Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartviewer | - |
The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable, which allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_viewer | - |
Buffer overflow in the XnsSdkDeviceIpInstaller.ocx ActiveX control in Samsung iPOLiS Device Manager 1.12.2 allows remote attackers to execute arbitrary code via a long string in the first argument to the (1) ReadConfigValue or (2) WriteConfigValue function.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | ipolis_device_manager | 1.12.2 |
Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session, aka Bug ID CSCub70579.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| cisco | unified_computing_system | 2.0_1t |
| cisco | unified_computing_system | 2.1_1b |
| cisco | unified_computing_system | 2.2_1d |
| cisco | unified_computing_system | 2.1_3c |
| cisco | unified_computing_system | 2.0_5a |
| cisco | unified_computing_system | 2.2_1b |
| cisco | unified_computing_system | 1.4_3l |
| cisco | unified_computing_system | 2.0_1x |
| cisco | unified_computing_system | 2.1_2a |
| cisco | unified_computing_system | 2.0_3a |
| cisco | unified_computing_system | 2.0_4b |
| cisco | unified_computing_system | 2.2_1c |
| cisco | unified_computing_system | 2.0_5c |
| cisco | unified_computing_system | 2.2_1e |
| zzinc | keymouse_firmware | 3.08 |
| cisco | unified_computing_system | 1.4_4l |
| cisco | unified_computing_system | 2.0_3c |
| cisco | unified_computing_system | 2.0_5f |
| cisco | unified_computing_system | 2.1_1e |
| cisco | unified_computing_system | 1.4_4i |
| cisco | unified_computing_system | 2.0_3b |
| zyxel | gs1900-10hp_firmware | * |
| cisco | unified_computing_system | 1.4_3q |
| netgear | jr6150_firmware | * |
| cisco | unified_computing_system | 2.0_2m |
| cisco | unified_computing_system | 2.1_1d |
| cisco | unified_computing_system | 2.0_2q |
| cisco | unified_computing_system | 1.4_3m |
| cisco | nx-os | base |
| cisco | unified_computing_system | 1.5_base |
| cisco | unified_computing_system | 2.2_2c |
| cisco | unified_computing_system | 2.1_3e |
| cisco | unified_computing_system | 1.6_base |
| cisco | unified_computing_system | 2.0_1s |
| cisco | unified_computing_system | 2.1_3a |
| cisco | unified_computing_system | 2.1_3f |
| cisco | unified_computing_system | 1.4_1m |
| cisco | unified_computing_system | 2.0_1w |
| cisco | unified_computing_system | 1.4_3i |
| cisco | unified_computing_system | 2.0_4a |
| cisco | unified_computing_system | 2.2_2d |
| cisco | unified_computing_system | 2.0_1q |
| cisco | unified_computing_system | 2.0_5d |
| cisco | unified_computing_system | 2.1_3d |
| cisco | unified_computing_system | 1.4_1i |
| cisco | unified_computing_system | 1.4_4j |
| cisco | unified_computing_system | 1.4_4k |
| cisco | unified_computing_system | 2.0_5b |
| cisco | unified_computing_system | 2.0_2r |
| cisco | unified_computing_system | 2.0_4d |
| cisco | unified_computing_system | 2.1_2c |
| cisco | unified_computing_system | 2.1_1a |
| cisco | unified_computing_system | 2.2_2e |
| cisco | unified_computing_system | 2.1_1f |
| sun | opensolaris | snv_124 |
| cisco | unified_computing_system | 2.0_5e |
| cisco | unified_computing_system | 1.4_4f |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| cisco | unified_computing_system | 2.1_2d |
| cisco | unified_computing_system | 1.4_1j |
| cisco | unified_computing_system | 1.4_3u |
| cisco | unified_computing_system | 2.1_3b |
| cisco | unified_computing_system | 1.4_4g |
| cisco | unified_computing_system | 1.4_3s |
| cisco | unified_computing_system | 1.4_3y |
GALAXY Apps (aka Samsung Apps, Samsung Updates, or com.sec.android.app.samsungapps) before 14120405.03.012 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_app | - |
| samsung | samsung_account_app | - |
Samsung Account (AKA com.osp.app.signin) before 1.6.0069 and 2.x before 2.1.0069 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_app | - |
| samsung | samsung_account_app | - |
The ActiveMQ Broker in Samsung Security Manager (SSM) before 1.31 allows remote attackers to delete arbitrary files, and consequently cause a denial of service, via a DELETE request.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_security_manager | * |
The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 kernel 3.4 and earlier allows attackers to potentially obtain sensitive information.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s4_firmware | i9500xxuemk8 |
The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 kernel 3.4 and earlier allows attackers to cause a denial of service (memory corruption) or gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s4_firmware | i9500xxuemk8 |
Samsung Security Manager (SSM) before 1.31 allows remote attackers to execute arbitrary code by uploading a file with an HTTP (1) PUT or (2) MOVE request.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_security_manager | * |
Samsung SBeam allows remote attackers to read arbitrary images by leveraging an NFC connection to access the HTTP server on port 15000.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | s-beam | - |
The createFromParcel method in the com.absolute.android.persistence.MethodSpec class in Samsung Galaxy S5s allows remote attackers to execute arbitrary files via a crafted Parcelable object in a serialized MethodSpec object.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s5 | - |
Multiple directory traversal vulnerabilities in Samsung SyncThru 6 before 1.0 allow remote attackers to delete arbitrary files via unspecified parameters to (1) upload/updateDriver or (2) upload/addDriver or to execute arbitrary code with SYSTEM privileges via unspecified parameters to (3) uploadCloning.html, (4) fileupload.html, (5) uploadFirmware.html, or (6) upload/driver.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | syncthru_6 | * |
The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and Xpress M288OFW printers generate weak WPA2 PSK keys, which makes it easier for remote attackers to obtain sensitive information or bypass authentication via a brute-force attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | x12_firmware | t-mst12deucb-1111.4 |
| samsung | x14h_firmware | t-mst14akucb-1100.4 |
| samsung | nt14u_firmware | t-nt14udcncb-1003.1 |
| samsung | x14h_firmware | t-mst14deucb-1023.0 |
| samsung | x10p_firmware | t-mst10pibrcb-1104.0 |
| samsung | x14j_firmware | t-ms14jdeucb-1018.0 |
| samsung | x10p_firmware | t-mst10pauscp-1302.0 |
| samsung | m288ofw_firmware | - |
| samsung | x14j_firmware | t-ms14jdcncb-1004.2 |
| samsung | nt14u_firmware | t-nt14uakucb-1008.0 |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| samsung | x10p_firmware | t-mst10pdeucb-1210.0 |
| samsung | x12_firmware | t-mst12akucb-1114.0 |
| samsung | x14h_firmware | t-mst14dcncb-1010.0 |
| samsung | nt14u_firmware | t-nt14udeucb-1007.1 |
Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS 2.32; ThinkPad W541 laptops with BIOS 2.21; Dell Latitude E6410 laptops with BIOS A16; or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by leveraging failure to detect when SATA drives are unplugged in Sleep Mode, aka a "Hot Plug attack."
CVSS 2.0
Severity: LOW
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| seagate | st500lt015_firmware | - |
| samsung | pm851_firmware | - |
| samsung | 850_pro_firmware | - |
| seagate | st500lt025_firmware | - |
Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when used on Windows and operating in Opal mode on Lenovo ThinkPad T440s laptops with BIOS 2.32 or ThinkPad W541 laptops with BIOS 2.21, or in Opal or eDrive mode on Dell Latitude E6410 laptops with BIOS A16 or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by triggering a soft reset and booting from an alternative OS, aka a "Forced Restart Attack."
CVSS 2.0
Severity: LOW
Problem Type: CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| seagate | st500lt015_firmware | - |
| samsung | pm851_firmware | - |
| samsung | 850_pro_firmware | - |
| seagate | st500lt025_firmware | - |
Directory traversal vulnerability in the WifiHs20UtilityService on the Samsung S6 Edge LRX22G.G925VVRU1AOE2 allows remote attackers to overwrite or create arbitrary files as the system-level user via a .. (dot dot) in the name of a file, compressed into a zipped file named cred.zip, and downloaded to /sdcard/Download.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s6_edge_firmware | g925vvru1aoe2 |
Multiple buffer overflows in the esa_write function in /dev/seirenin the Exynos Seiren Audio driver, as used in Samsung S6 Edge, allow local users to cause a denial of service (memory corruption) via a large (1) buffer or (2) size parameter.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s6_edge_firmware | - |
Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 5.0 |
| samsung | samsung_mobile | 5.1 |
Stack-based buffer overflow in the m2m1shot_compat_ioctl32 function in the Samsung m2m1shot driver framework, as used in Samsung S6 Edge, allows local users to have unspecified impact via a large data.buf_out.num_planes value in an ioctl call.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | m2m1shot_driver | - |
SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s6 | - |
The DCMProvider service in Samsung LibQjpeg on a Samsung SM-G925V device running build number LRX22G.G925VVRU1AOE2 allows remote attackers to cause a denial of service (segmentation fault and process crash) and execute arbitrary code via a crafted JPG.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s6_edge_firmware | lrx22g.g925vvru1aoe2 |
Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | * |
LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
| samsung | samsung_mobile | 5.0.1 |
| samsung | samsung_mobile | 6.0.1 |
| samsung | samsung_mobile | 5.0 |
| samsung | samsung_mobile | 7.1.2 |
| samsung | samsung_mobile | 5.0.2 |
| samsung | samsung_mobile | 7.1 |
| samsung | samsung_mobile | 5.1.1 |
| samsung | samsung_mobile | 7.1.1 |
| samsung | samsung_mobile | 7.0 |
| samsung | samsung_mobile | 5.1 |
The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial of service (memory corruption) via a crafted BMP image file.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s6 | - |
Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | * |
Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors to the (1) DVRSetupSave method in the STWAxConfig control or (2) SendCustomPacket method in the STWAxConfigNVR control, which trigger an untrusted pointer dereference.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartviewer | - |
The rtsp_getdlsendtime method in the CNC_Ctrl control in Samsung SmartViewer allows remote attackers to execute arbitrary code via an index value.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartviewer | - |
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an unspecified PHP script.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | web_viewer | * |
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to discover credentials by reading detailed error messages.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | web_viewer | * |
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption via XOR calculations.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | web_viewer | * |
Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | kies | * |
Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted document.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fedoraproject | fedora | 22 |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| fedoraproject | fedora | 24 |
| fedoraproject | fedora | 23 |
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0993 and CVE-2016-1010.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-824,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| adobe | flash_player | * |
| adobe | air_sdk | * |
| adobe | air_sdk_&_compiler | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| adobe | flash_player_desktop_runtime | * |
| adobe | air | * |
| adobe | air_desktop_runtime | * |
An issue was discovered on Samsung mobile devices with S3(KK), Note2(KK), S4(L), Note3(L), and S5(L) software. An attacker can rewrite the IMEI by flashing crafted firmware. The Samsung ID is SVE-2016-5562 (March 2016).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 0.7 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | note3_firmware | - |
| samsung | s5_firmware | - |
| samsung | s4_firmware | - |
| samsung | note2_firmware | - |
| samsung | s3_firmware | - |
Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| zyxel | gs1900-10hp_firmware | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| zzinc | keymouse_firmware | 3.08 |
| sun | opensolaris | snv_124 |
| cisco | nx-os | base |
SQL injection vulnerability in Cisco Unified Communications Manager 10.5(2.13900.9) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCux99227.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| zyxel | gs1900-10hp_firmware | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| zzinc | keymouse_firmware | 3.08 |
| sun | opensolaris | snv_124 |
Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileges via a (1) TELNET or (2) SSH session, aka Bug ID CSCuy25800.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| zyxel | gs1900-10hp_firmware | * |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| zzinc | keymouse_firmware | 3.08 |
| sun | opensolaris | snv_124 |
The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| cisco | ios_xe | 3.7e_3.7.0e |
| cisco | ios_xe | 3.7e_3.7.2e |
| cisco | ios_xe | 3.6e_3.6.1e |
| cisco | ios_xe | 3.10s_3.10.4s |
| cisco | ios_xe | 3.4s_3.4.3s |
| cisco | ios_xe | 3.7s_3.7.5s |
| cisco | ios_xe | 3.10s_3.10.2s |
| cisco | ios_xe | 3.13s_3.13.2as |
| cisco | ios_xe | 3.4sg_3.4.5sg |
| zyxel | gs1900-10hp_firmware | * |
| cisco | ios_xe | 3.4s_3.4.4s |
| cisco | ios_xe | 3.4sg_3.4.0sg |
| cisco | ios_xe | 3.5e_3.5.0e |
| cisco | ios_xe | 3.9s_3.9.2s |
| cisco | ios_xe | 3.6s_3.6.2s |
| cisco | ios_xe | 3.11s_3.11.3s |
| lenovo | thinkcentre_e75s_firmware | * |
| cisco | ios_xe | 3.9s_3.9.1as |
| cisco | ios_xe | 3.8e_3.8.0e |
| cisco | ios_xe | 3.4sg_3.4.4sg |
| cisco | ios_xe | 3.15s_3.15.1cs |
| cisco | ios_xe | 3.11s_3.11.1s |
| cisco | ios_xe | 3.7s_3.7.4s |
| cisco | ios_xe | 3.12s_3.12.1s |
| cisco | ios_xe | 3.14s_3.14.3s |
| cisco | ios_xe | 3.15s_3.15.1s |
| cisco | ios_xe | 3.13s_3.13.0as |
| cisco | ios_xe | 3.4s_3.4.1s |
| cisco | ios_xe | 3.8s_3.8.0s |
| cisco | ios_xe | 3.6s_3.6.0s |
| cisco | ios_xe | 3.14s_3.14.2s |
| cisco | ios_xe | 3.7s_3.7.0s |
| cisco | ios_xe | 3.7s_3.7.3s |
| cisco | ios_xe | 3.7e_3.7.1e |
| cisco | ios_xe | 3.7s_3.7.2s |
| cisco | ios_xe | 3.16s_3.16.1as |
| cisco | ios_xe | 3.5e_3.5.3e |
| cisco | ios_xe | 3.10s_3.10.1s |
| cisco | ios_xe | 3.12s_3.12.0s |
| cisco | ios_xe | 3.5s_3.5.0s |
| cisco | ios_xe | 3.16s_3.16.1s |
| cisco | ios_xe | 3.4s_3.4.5s |
| cisco | ios_xe | 3.3s_3.3.2s |
| cisco | ios_xe | 3.10s_3.10.6s |
| cisco | ios_xe | 3.7s_3.7.4as |
| cisco | ios_xe | 3.3xo_3.3.2xo |
| cisco | ios_xe | 3.11s_3.11.0s |
| cisco | ios_xe | 3.3xo_3.3.0xo |
| cisco | ios_xe | 3.5s_3.5.1s |
| cisco | ios_xe | 3.7s_3.7.7s |
| cisco | ios_xe | 3.4s_3.4.6s |
| cisco | ios_xe | 3.3s_3.3.0s |
| cisco | ios_xe | 3.11s_3.11.2s |
| cisco | ios_xe | 3.8e_3.8.1e |
| cisco | ios_xe | 3.7s_3.7.1s |
| cisco | ios_xe | 3.6e_3.6.2e |
| cisco | ios_xe | 3.3sg_3.3.2sg |
| cisco | ios_xe | 3.4sg_3.4.3sg |
| zzinc | keymouse_firmware | 3.08 |
| cisco | ios_xe | 3.8s_3.8.2s |
| cisco | ios_xe | 3.16s_3.16.0s |
| cisco | ios_xe | 3.15s_3.15.0s |
| netgear | jr6150_firmware | * |
| cisco | ios_xe | 3.13s_3.13.1s |
| cisco | ios_xe | 3.5s_3.5.2s |
| cisco | ios_xe | 3.7s_3.7.2ts |
| cisco | ios_xe | 3.12s_3.12.2s |
| cisco | ios_xe | 3.5e_3.5.2e |
| cisco | ios_xe | 3.9s_3.9.0as |
| cisco | ios_xe | 3.14s_3.14.0s |
| cisco | ios_xe | 3.10s_3.10.1xbs |
| cisco | ios_xe | 3.4s_3.4.0as |
| cisco | ios_xe | 3.7s_3.7.6s |
| cisco | ios_xe | 3.6s_3.6.1s |
| cisco | ios_xe | 3.17s_3.17.0s |
| cisco | ios_xe | 3.3s_3.3.1s |
| cisco | ios_xe | 3.3sg_3.3.1sg |
| cisco | ios_xe | 3.16s_3.16.0cs |
| cisco | ios_xe | 3.9s_3.9.0s |
| cisco | ios_xe | 3.13s_3.13.3s |
| cisco | ios_xe | 3.10s_3.10.3s |
| cisco | ios_xe | 3.4sg_3.4.1sg |
| cisco | ios_xe | 3.4sg_3.4.2sg |
| cisco | ios_xe | 3.10s_3.10.5s |
| cisco | ios_xe | 3.6e_3.6.3e |
| cisco | ios_xe | 3.8s_3.8.1s |
| cisco | ios_xe | 3.10s_3.10.0s |
| cisco | ios_xe | 3.6e_3.6.2ae |
| cisco | ios_xe | 3.9s_3.9.1s |
| cisco | ios_xe | 3.4s_3.4.2s |
| cisco | ios_xe | 3.13s_3.13.4s |
| cisco | ios_xe | 3.4sg_3.4.7sg |
| cisco | ios_xe | 3.3sg_3.3.0sg |
| sun | opensolaris | snv_124 |
| cisco | ios_xe | 3.4s_3.4.0s |
| cisco | ios_xe | 3.5e_3.5.1e |
| cisco | ios_xe | 3.6e_3.6.0e |
| cisco | ios_xe | 3.11s_3.11.4s |
| cisco | ios_xe | 3.7e_3.7.3e |
| cisco | ios_xe | 3.13s_3.13.0s |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| cisco | ios_xe | 3.12s_3.12.4s |
| cisco | ios_xe | 3.12s_3.12.3s |
| cisco | ios_xe | 3.14s_3.14.1s |
| cisco | ios_xe | 3.4sg_3.4.6sg |
| cisco | ios_xe | 3.3xo_3.3.1xo |
| cisco | ios_xe | 3.15s_3.15.2s |
| cisco | ios_xe | 3.13s_3.13.2s |
The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to cause a denial of service (panic and reboot) via a crafted sequence of IPv6 packets, aka Bug ID CSCuu46673.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| zyxel | gs1900-10hp_firmware | * |
| netgear | jr6150_firmware | * |
| dell | emc_powerscale_onefs | 8.2.2 |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| zzinc | keymouse_firmware | 3.08 |
Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| cisco | ios_xe | 3.7e_3.7.0e |
| cisco | ios_xe | 3.7e_3.7.2e |
| cisco | ios_xe | 3.11s_3.11.2s |
| cisco | ios_xe | 3.7s_3.7.1s |
| cisco | ios_xe | 3.6e_3.6.2e |
| cisco | ios_xe | 3.6e_3.6.1e |
| cisco | ios_xe | 3.10s_3.10.4s |
| zzinc | keymouse_firmware | 3.08 |
| cisco | ios_xe | 3.7s_3.7.5s |
| cisco | ios_xe | 3.8s_3.8.2s |
| cisco | ios_xe | 3.10s_3.10.2s |
| cisco | ios_xe | 3.13s_3.13.2as |
| cisco | ios_xe | 3.16s_3.16.0s |
| cisco | ios_xe | 3.15s_3.15.0s |
| zyxel | gs1900-10hp_firmware | * |
| netgear | jr6150_firmware | * |
| cisco | ios_xe | 3.13s_3.13.1s |
| cisco | ios_xe | 3.5s_3.5.2s |
| cisco | ios_xe | 3.5e_3.5.0e |
| cisco | ios_xe | 3.7s_3.7.2ts |
| cisco | ios_xe | 3.9s_3.9.2s |
| cisco | ios_xe | 3.12s_3.12.2s |
| cisco | ios_xe | 3.5e_3.5.2e |
| cisco | ios_xe | 3.6s_3.6.2s |
| cisco | ios_xe | 3.11s_3.11.3s |
| cisco | ios_xe | 3.9s_3.9.0as |
| cisco | ios_xe | 3.9s_3.9.1as |
| cisco | ios_xe | 3.14s_3.14.0s |
| cisco | ios_xe | 3.8e_3.8.0e |
| cisco | ios_xe | 3.10s_3.10.1xbs |
| cisco | ios_xe | 3.7s_3.7.6s |
| cisco | ios_xe | 3.6s_3.6.1s |
| cisco | ios_xe | 3.15s_3.15.1cs |
| cisco | ios_xe | 3.11s_3.11.1s |
| cisco | ios_xe | 3.7s_3.7.4s |
| cisco | ios_xe | 3.12s_3.12.1s |
| cisco | ios_xe | 3.14s_3.14.3s |
| cisco | ios_xe | 3.15s_3.15.1s |
| cisco | ios_xe | 3.16s_3.16.0cs |
| cisco | ios_xe | 3.9s_3.9.0s |
| cisco | ios_xe | 3.13s_3.13.0as |
| cisco | ios_xe | 3.13s_3.13.3s |
| cisco | ios_xe | 3.8s_3.8.0s |
| cisco | ios_xe | 3.10s_3.10.3s |
| cisco | ios_xe | 3.6s_3.6.0s |
| cisco | ios_xe | 3.14s_3.14.2s |
| cisco | ios_xe | 3.7s_3.7.0s |
| cisco | ios_xe | 3.7s_3.7.3s |
| cisco | ios_xe | 3.7e_3.7.1e |
| cisco | ios_xe | 3.7s_3.7.2s |
| cisco | ios_xe | 3.16s_3.16.1as |
| cisco | ios_xe | 3.10s_3.10.5s |
| cisco | ios_xe | 3.5e_3.5.3e |
| cisco | ios_xe | 3.6e_3.6.3e |
| cisco | ios_xe | 3.8s_3.8.1s |
| cisco | ios_xe | 3.10s_3.10.1s |
| cisco | ios_xe | 3.12s_3.12.0s |
| cisco | ios_xe | 3.5s_3.5.0s |
| cisco | ios_xe | 3.16s_3.16.1s |
| cisco | ios_xe | 3.10s_3.10.0s |
| cisco | ios_xe | 3.6e_3.6.2ae |
| cisco | ios_xe | 3.9s_3.9.1s |
| cisco | ios_xe | 3.13s_3.13.4s |
| sun | opensolaris | snv_124 |
| cisco | ios_xe | 3.5e_3.5.1e |
| cisco | ios_xe | 3.6e_3.6.0e |
| cisco | ios_xe | 3.10s_3.10.6s |
| cisco | ios_xe | 3.7s_3.7.4as |
| cisco | ios_xe | 3.11s_3.11.4s |
| cisco | ios_xe | 3.3xo_3.3.2xo |
| cisco | ios_xe | 3.11s_3.11.0s |
| cisco | ios_xe | 3.3xo_3.3.0xo |
| cisco | ios_xe | 3.13s_3.13.0s |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| cisco | ios_xe | 3.5s_3.5.1s |
| cisco | ios_xe | 3.12s_3.12.4s |
| cisco | ios_xe | 3.12s_3.12.3s |
| cisco | ios_xe | 3.14s_3.14.1s |
| cisco | ios_xe | 3.3xo_3.3.1xo |
| cisco | ios_xe | 3.7s_3.7.7s |
| cisco | ios_xe | 3.15s_3.15.2s |
| cisco | ios_xe | 3.13s_3.13.2s |
The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| cisco | ios_xe | 3.7e_3.7.0e |
| cisco | ios_xe | 3.4sg_3.4.4sg |
| cisco | ios_xe | 3.7e_3.7.2e |
| cisco | ios_xe | 3.3se_3.3.3se |
| cisco | ios_xe | 3.6e_3.6.2e |
| cisco | ios_xe | 3.6e_3.6.1e |
| cisco | ios_xe | 3.3se_3.3.2se |
| cisco | ios_xe | 3.4sg_3.4.1sg |
| cisco | ios_xe | 3.4sg_3.4.2sg |
| cisco | ios_xe | 3.4sg_3.4.3sg |
| zzinc | keymouse_firmware | 3.08 |
| cisco | ios_xe | 3.7e_3.7.1e |
| cisco | ios_xe | 3.5e_3.5.3e |
| cisco | ios_xe | 3.2se_3.2.2se |
| cisco | ios_xe | 3.2se_3.2.1se |
| cisco | ios_xe | 3.2se_3.2.3se |
| cisco | ios_xe | 3.4sg_3.4.5sg |
| cisco | ios_xe | 3.3se_3.3.4se |
| zyxel | gs1900-10hp_firmware | * |
| netgear | jr6150_firmware | * |
| cisco | ios_xe | 3.6e_3.6.2ae |
| cisco | ios_xe | 3.3se_3.3.1se |
| sun | opensolaris | snv_124 |
| cisco | ios_xe | 3.5e_3.5.1e |
| cisco | ios_xe | 3.6e_3.6.0e |
| cisco | ios_xe | 3.4sg_3.4.0sg |
| intel | core_i5-9400f_firmware | - |
| cisco | ios_xe | 3.5e_3.5.0e |
| cisco | ios_xe | 3.5e_3.5.2e |
| cisco | ios_xe | 3.2se_3.2.0se |
| cisco | ios_xe | 3.3xo_3.3.2xo |
| cisco | ios_xe | 3.3xo_3.3.0xo |
| cisco | ios_xe | 3.3se_3.3.0se |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| cisco | ios_xe | 3.3se_3.3.5se |
| cisco | ios_xe | 3.4sg_3.4.6sg |
| cisco | ios_xe | 3.3xo_3.3.1xo |
| cisco | ios_xe | 3.2ja_3.2.0ja |
Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| zyxel | gs1900-10hp_firmware | * |
| cisco | ios_xe | 3.9.0as |
| cisco | ios_xe | 3.10.2s |
| cisco | ios_xe | 3.9.0s |
| cisco | ios_xe | 3.9.2s |
| cisco | ios_xe | 3.11.0s |
| sun | opensolaris | snv_124 |
| cisco | ios_xe | 3.8.0s |
| cisco | ios_xe | 3.10.1s |
| cisco | ios_xe | 3.8.2s |
| cisco | ios_xe | 3.10.0s |
| cisco | ios_xe | 3.9.1as |
| cisco | ios_xe | 3.9.1s |
| samsung | x14j_firmware | t-ms14jakucb-1102.5 |
| cisco | ios_xe | 3.8.1s |
| zzinc | keymouse_firmware | 3.08 |
| lenovo | thinkcentre_e75s_firmware | * |
| cisco | ios_xe | 3.10.1xbs |
Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | knox | * |
Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | knox | 1.0 |
The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to trigger a NULL pointer dereference via a "GET HTTP/1.1" request, aka SVE-2016-5036.
CVSS 2.0
Severity: LOW
Problem Type: CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_note_3_firmware | n9005xxugbob6 |
| samsung | galaxy_s6_firmware | g920fxxu2coh2 |
Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to read sent e-mail messages, aka SVE-2015-5081.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s6_firmware | g920fxxu2coh2 |
Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices has SQL injection, aka SVE-2015-5081.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s6_firmware | g920fxxu2coh2 |
secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to bypass URL filtering by inserting an "exceptional URL" in the query string, as demonstrated by the http://should-have-been-filtered.example.com/?http://google.com URL.
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_note_3_firmware | n9005xxugbob6 |
| samsung | galaxy_s6_firmware | g920fxxu2coh2 |
ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly check the caller, which allows local users to read KNOX clipboard data via a crafted application.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | knox | 1.0 |
| samsung | knox | 2.3.0 |
Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices have unintended availability of the modem in USB configuration number 2 within the secure lockscreen state, allowing an attacker to make phone calls, send text messages, or issue commands, aka SVE-2016-5301.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s4_firmware | i9505xxuhoj2 |
| samsung | galaxy_note_3_firmware | n9005xxugbob6 |
| samsung | galaxy_s4_mini_firmware | i9192xxubnb1 |
| samsung | galaxy_s4_mini_lte_firmware | i9195xxucol1 |
| samsung | galaxy_s6_firmware | g920fxxu2coh2 |
Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices allow attackers to send AT commands by plugging the device into a Linux host, aka SVE-2016-5301.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s4_firmware | i9505xxuhoj2 |
| samsung | galaxy_note_3_firmware | n9005xxugbob6 |
| samsung | galaxy_s4_mini_firmware | i9192xxubnb1 |
| samsung | galaxy_s4_mini_lte_firmware | i9195xxucol1 |
| samsung | galaxy_s6_firmware | g920fxxu2coh2 |
Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices do not block AT+USBDEBUG and AT+WIFIVALUE, which allows attackers to modify Android settings by leveraging AT access, aka SVE-2016-5301.
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s4_firmware | i9505xxuhoj2 |
| samsung | galaxy_note_3_firmware | n9005xxugbob6 |
| samsung | galaxy_s4_mini_firmware | i9192xxubnb1 |
| samsung | galaxy_s4_mini_lte_firmware | i9195xxucol1 |
| samsung | galaxy_s6_firmware | g920fxxu2coh2 |
Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c in Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the gpio_config.gpio_name value.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 5.0 |
| samsung | samsung_mobile | 4.4 |
| samsung | samsung_mobile | 5.1 |
Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call.
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 5.0 |
| samsung | samsung_mobile | 4.4 |
| samsung | samsung_mobile | 5.1 |
Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
| samsung | samsung_mobile | 5.0 |
| samsung | samsung_mobile | 4.4 |
| samsung | samsung_mobile | 5.1 |
The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
| samsung | samsung_mobile | 5.0 |
| samsung | samsung_mobile | 5.1 |
The SmartCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
| samsung | samsung_mobile | 5.0 |
| samsung | samsung_mobile | 5.1 |
NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows attackers to have unspecified impact via unknown vectors. The Samsung ID is SVE-2016-6382.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_fimg2d | - |
A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activities is not properly restricted, leading to a SystemUI crash and device restart, aka SVE-2016-6248.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 5.0 |
| samsung | samsung_mobile | 4.4 |
| samsung | samsung_mobile | 5.1 |
The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows local users to cause a denial of service (kernel panic) via a crafted ioctl command. The Samsung ID is SVE-2016-6736.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_fimg2d_driver | - |
Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. The Samsung ID is SVE-2016-6853.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_fimg2d_driver | - |
The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device's screen. This can be exploited via a crafted application to eavesdrop after phone shutdown or record a conversation. The Samsung ID is SVE-2016-6343.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7119.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-388,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
| samsung | samsung_mobile | 5.0 |
| samsung | samsung_mobile | 7.0 |
| samsung | samsung_mobile | 5.1 |
Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7120.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-388,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
| samsung | samsung_mobile | 5.0 |
| samsung | samsung_mobile | 7.0 |
| samsung | samsung_mobile | 5.1 |
Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7121.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-388,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
| samsung | samsung_mobile | 5.0 |
| samsung | samsung_mobile | 7.0 |
| samsung | samsung_mobile | 5.1 |
In Knox SDS IAM (Identity Access Management) and EMM (Enterprise Mobility Management) 16.11 on Samsung mobile devices, a man-in-the-middle attacker can install any application into the Knox container (without the user's knowledge) by inspecting network traffic from a Samsung server and injecting content at a certain point in the update sequence. This installed application can further leak information stored inside the Knox container to the outside world.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | knox_identity_access_management | 16.11 |
| samsung | knox_enterprise_mobility_management | 16.11 |
On Samsung NVR devices, remote attackers can read the MD5 password hash of the 'admin' account via certain szUserName JSON data to cgi-bin/main-cgi, and login to the device with that hash in the szUserPasswd parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-326,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | srn_472s_firmware | - |
| samsung | srn_470d_firmware | - |
| samsung | srn_1000_firmware | - |
| samsung | srn_1670d_firmware | - |
Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that redirects to a child tab and rewrites the innerHTML property.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet_browser | 5.4.02.3 |
Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass the Same Origin Policy, and conduct UXSS attacks to obtain sensitive information, via vectors involving an IFRAME element inside XSLT data in one part of an MHTML file. Specifically, JavaScript code in another part of this MHTML file does not have a document.domain value corresponding to the domain that is hosting the MHTML file, but instead has a document.domain value corresponding to an arbitrary URL within the content of the MHTML file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet_browser | 6.2.01.12 |
On Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software and Exynos chipsets, attackers can execute arbitrary code in the bootloader because S Boot omits a size check during a copy of ramfs data to memory. The Samsung ID is SVE-2017-10598.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
| samsung | samsung_mobile | 6.0.1 |
| samsung | samsung_mobile | 5.0 |
| samsung | samsung_mobile | 7.1.2 |
| samsung | samsung_mobile | 7.1 |
| samsung | samsung_mobile | 5.1.1 |
| samsung | samsung_mobile | 7.1.1 |
| samsung | samsung_mobile | 7.0 |
| samsung | samsung_mobile | 5.1 |
An issue was discovered on Samsung Galaxy S5 mobile devices with software through 2016-12-20 (Qualcomm AP chipsets). There are multiple buffer overflows in the bootloader. The Samsung ID is SVE-2016-7930 (March 2017).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s5_firmware | * |
Samsung Magician 5.0 fails to validate TLS certificates for HTTPS software update traffic. Prior to version 5.0, Samsung Magician uses HTTP for software updates.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-295,CWE-311,CWE-345,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magician | 5.0 |
Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. The zero-permission app will create an active install session for a separate app that it has embedded within it. The active install session of the embedded app is performed using the android.content.pm.PackageInstaller class and its nested classes in the Android API. The active install session will write the embedded APK file to the /data/app directory, but the app will not be installed since third-party applications cannot programmatically install apps. Samsung has modified AOSP in order to accelerate the parsing of APKs by introducing the com.android.server.pm.PackagePrefetcher class and its nested classes. These classes will parse the APKs present in the /data/app directory and other directories, even if the app is not actually installed. The embedded APK that was written to the /data/app directory via the active install session has a very large but valid AndroidManifest.xml file. Specifically, the AndroidManifest.xml file contains a very large string value for the name of a permission-tree that it declares. When system_server tries to parse the APK file of the embedded app from the active install session, it will crash due to an uncaught error (i.e., java.lang.OutOfMemoryError) or an uncaught exception (i.e., std::bad_alloc) because of memory constraints. The Samsung Android device will encounter a soft reboot due to a system_server crash, and this action will keep repeating since parsing the APKs in the /data/app directory as performed by the system_server process is part of the normal boot process. The Samsung ID is SVE-2016-6917.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
| samsung | samsung_mobile | 5.0 |
| samsung | samsung_mobile | 4.4 |
| samsung | samsung_mobile | 5.1 |
Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI by leveraging incomplete exception handling. The Samsung ID is SVE-2016-7122.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
| samsung | samsung_mobile | 5.0 |
| samsung | samsung_mobile | 7.0 |
| samsung | samsung_mobile | 5.1 |
Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the system by creating an arbitrarily large number of active VR service threads. The Samsung ID is SVE-2016-7650.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-400,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
| samsung | samsung_mobile | 5.0 |
| samsung | samsung_mobile | 4.4 |
| samsung | samsung_mobile | 5.1 |
The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bounds read, aka SVE-2016-6362.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
| samsung | samsung_mobile | 7.0 |
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| amd | e-350 | - |
| intel | atom_c2750 | - |
| amd | athlon_ii_640_x4 | - |
| intel | core_i7-6700k | - |
| intel | core_i7-3632qm | - |
| nvidia | tegra_k1_cd570m-a1 | - |
| amd | fx-8350_8-core | - |
| amd | phenom_9550_4-core | - |
| intel | core_i5_m480 | - |
| intel | celeron_n2840 | - |
| intel | xeon_e3-1240_v5 | - |
| allwinner | a64 | - |
| amd | fx-8120_8-core | - |
| intel | core_i7-2620qm | - |
| intel | core_i7_920 | - |
| intel | core_i7-4500u | - |
| amd | fx-8320_8-core | - |
| samsung | exynos_5800 | - |
| intel | xeon_e5-2658_v2 | - |
| nvidia | tegra_k1_cd580m-a1 | - |
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| amd | e-350 | - |
| intel | atom_c2750 | - |
| amd | athlon_ii_640_x4 | - |
| intel | core_i7-6700k | - |
| intel | core_i7-3632qm | - |
| nvidia | tegra_k1_cd570m-a1 | - |
| amd | fx-8350_8-core | - |
| amd | phenom_9550_4-core | - |
| intel | core_i5_m480 | - |
| intel | celeron_n2840 | - |
| intel | xeon_e3-1240_v5 | - |
| allwinner | a64 | - |
| amd | fx-8120_8-core | - |
| intel | core_i7-2620qm | - |
| intel | core_i7_920 | - |
| intel | core_i7-4500u | - |
| amd | fx-8320_8-core | - |
| samsung | exynos_5800 | - |
| intel | xeon_e5-2658_v2 | - |
| nvidia | tegra_k1_cd580m-a1 | - |
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| amd | e-350 | - |
| intel | atom_c2750 | - |
| amd | athlon_ii_640_x4 | - |
| intel | core_i7-6700k | - |
| intel | core_i7-3632qm | - |
| nvidia | tegra_k1_cd570m-a1 | - |
| amd | fx-8350_8-core | - |
| amd | phenom_9550_4-core | - |
| intel | core_i5_m480 | - |
| intel | celeron_n2840 | - |
| intel | xeon_e3-1240_v5 | - |
| allwinner | a64 | - |
| amd | fx-8120_8-core | - |
| intel | core_i7-2620qm | - |
| intel | core_i7_920 | - |
| intel | core_i7-4500u | - |
| amd | fx-8320_8-core | - |
| samsung | exynos_5800 | - |
| intel | xeon_e5-2658_v2 | - |
| nvidia | tegra_k1_cd580m-a1 | - |
Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
| samsung | samsung_mobile | 5.0 |
| samsung | samsung_mobile | 7.1.2 |
| samsung | samsung_mobile | 7.1 |
| samsung | samsung_mobile | 7.1.1 |
| samsung | samsung_mobile | 7.0 |
| samsung | samsung_mobile | 5.1 |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Internet Browser Fixed in version 6.4.0.15. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of TypedArray objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5326.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-416,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_internet_browser | * |
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of EML files. The issue results from the lack of proper validation of user-supplied data, which can allow arbitrary JavaScript to execute. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5328.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_email | * |
This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of file:/// URIs. The issue lies in the lack of proper validation of user-supplied data, which can allow for reading arbitrary files. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges. Was ZDI-CAN-5329.
CVSS 2.0
Severity: LOW
Problem Type: CWE-37,CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_email | * |
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of URLs. The issue lies in the lack of proper validation of user-supplied data, which can allow arbitrary JavaScript to execute. An attacker can leverage this vulnerability to install applications under the context of the current user. Was ZDI-CAN-5330.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_apps | * |
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of push messages. The issue lies in the ability to start an activity with controlled arguments. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5331.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_apps | * |
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of ZIP files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5358.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 4.2.18.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of a staging mode. The issue lies in the ability to change the configuration based on the presence of a file in an user-controlled location. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5359.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_apps | * |
A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. This is due to an integer overflow in memory allocation for this string. The Samsung ID is SVE-2018-11463.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
| samsung | samsung_mobile | 7.1.2 |
| samsung | samsung_mobile | 7.1 |
| samsung | samsung_mobile | 7.1.1 |
| samsung | samsung_mobile | 7.0 |
This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Samsung Members Fixed in version 2.4.25. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Intents. The issue lies in the ability to send an Intent that would not otherwise be reachable. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5361.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_members | * |
Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. (The same Web Viewer codebase was transitioned from Samsung to Hanwha.)
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hanwha-security | hrd-842_firmware | * |
| hanwha-security | hrd-440_firmware | * |
| hanwha-security | hrd-1641_firmware | * |
| hanwha-security | hrd-443_firmware | * |
| hanwha-security | hrd-841_firmware | * |
| hanwha-security | srd-1694u_firmware | * |
| samsung | smartviewer | - |
| hanwha-security | hrd-442_firmware | * |
| hanwha-security | hrd-1642_firmware | * |
| hanwha-security | hrd-840_firmware | * |
An issue was discovered on Samsung 840 EVO and 850 EVO devices (only in "ATA high" mode, not vulnerable in "TCG" or "ATA max" mode), Samsung T3 and T5 portable drives, and Crucial MX100, MX200 and MX300 devices. Absence of a cryptographic link between the password and the Disk Encryption Key allows attackers with privileged access to SSD firmware full access to encrypted data.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | 840_evo_firmware | - |
| micron | crucial_mx200_firmware | - |
| samsung | 850_evo_firmware | - |
| micron | crucial_mx300_firmware | - |
| samsung | t3_firmware | - |
| micron | crucial_mx100_firmware | - |
| samsung | t5_firmware | - |
An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to the disk-encryption key.
CVSS 2.0
Severity: LOW
Problem Type: CWE-522,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | 840_evo_firmware | - |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling of IPCP headers. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the baseband processor. Was ZDI-CAN-5368.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-121,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s8_firmware | g950fxxu1aql5 |
Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validation of the ring buffer read pointer. The Samsung ID is SVE-2018-12029.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s6_firmware | g920fxxu5eqh7 |
Out-of-bounds array access in dhd_rx_frame in drivers/net/wireless/bcmdhd4358/dhd_linux.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause invalid accesses to operating system memory due to improper validation of the network interface index provided by the Wi-Fi chip's firmware.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s6_firmware | g920fxxu5eqh7 |
A NULL pointer dereference in dhd_prot_txdata_write_flush in drivers/net/wireless/bcmdhd4358/dhd_msgbuf.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device to reboot. The Samsung ID is SVE-2018-11783.
CVSS 2.0
Severity: LOW
Problem Type: CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s6_firmware | g920fxxu5eqh7 |
Buffer overflow in dhd_bus_flow_ring_delete_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s6_firmware | g920fxxu5eqh7 |
Buffer overflow in dhd_bus_flow_ring_flush_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s6_firmware | g920fxxu5eqh7 |
Buffer overflow in dhd_bus_flow_ring_create_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi) chip to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s6_firmware | g920fxxu5eqh7 |
Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple unauthenticated XSS attacks on several parameters, as demonstrated by ruiFw_pid.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | syncthru_web_service | 4.05.61 |
Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by sws.application/printinformation/printReportSetupView.sws for a "Print emails sent" action.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | syncthru_web_service | 4.05.61 |
The wnoti system service in Samsung Galaxy Gear series allows an unprivileged process to take over the internal notification message data, due to improper D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gear_2_firmware | * |
| samsung | gear_fit_2_firmware | * |
| samsung | gear_live_firmware | * |
| samsung | gear_fit_2_pro_firmware | * |
| samsung | gear_s3_firmware | * |
| samsung | gear_s2_firmware | * |
| samsung | gear_s_firmware | * |
| samsung | gear_fit_firmware | * |
| samsung | gear_sport_firmware | * |
| samsung | galaxy_gear_firmware | * |
Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction. This allows an unprivileged process to dump Bluetooth HCI packets to an arbitrary file path.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gear_2_firmware | * |
| samsung | gear_fit_2_firmware | * |
| samsung | gear_live_firmware | * |
| samsung | gear_fit_2_pro_firmware | * |
| samsung | gear_s3_firmware | * |
| samsung | gear_s2_firmware | * |
| samsung | gear_s_firmware | * |
| samsung | gear_fit_firmware | * |
| samsung | gear_sport_firmware | * |
| samsung | galaxy_gear_firmware | * |
The wemail_consumer_service (from the built-in application wemail) in Samsung Galaxy Gear series allows an unprivileged process to manipulate a user's mailbox, due to improper D-Bus security policy configurations. An arbitrary email can also be sent from the mailbox via the paired smartphone. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gear_2_firmware | * |
| samsung | gear_fit_2_firmware | * |
| samsung | gear_live_firmware | * |
| samsung | gear_fit_2_pro_firmware | * |
| samsung | gear_s3_firmware | * |
| samsung | gear_s2_firmware | * |
| samsung | gear_s_firmware | * |
| samsung | gear_fit_firmware | * |
| samsung | gear_sport_firmware | * |
| samsung | galaxy_gear_firmware | * |
The wpa_supplicant system service in Samsung Galaxy Gear series allows an unprivileged process to fully control the Wi-Fi interface, due to the lack of its D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gear_2_firmware | * |
| samsung | gear_fit_2_firmware | * |
| samsung | gear_live_firmware | * |
| samsung | gear_fit_2_pro_firmware | * |
| samsung | gear_s3_firmware | * |
| samsung | gear_s2_firmware | * |
| samsung | gear_s_firmware | * |
| samsung | gear_fit_firmware | * |
| samsung | gear_sport_firmware | * |
| samsung | galaxy_gear_firmware | * |
Samsung SCX-6545X V2.00.03.01 03-23-2012 devices allows remote attackers to discover cleartext credentials via iso.3.6.1.4.1.236.11.5.11.81.10.1.5.0 and iso.3.6.1.4.1.236.11.5.11.81.10.1.6.0 SNMP requests.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-522,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | scx-6545x_firmware | 2.00.03.01 |
Samsung Galaxy Apps before 4.4.01.7 allows modification of the hostname used for load balancing on installations of applications through a man-in-the-middle attack. An attacker may trick Galaxy Apps into using an arbitrary hostname for which the attacker can provide a valid SSL certificate, and emulate the API of the app store to modify existing apps at installation time. The specific flaw involves an HTTP method to obtain the load-balanced hostname that enforces SSL only after obtaining a hostname from the load balancer, and a missing app signature validation in the application XML. An attacker can exploit this vulnerability to achieve Remote Code Execution on the device. The Samsung ID is SVE-2018-12071.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-295,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_apps | * |
An exploitable vulnerability exists in the smart cameras RTSP configuration of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The device incorrectly handles spaces in the URL field, leading to an arbitrary operating system command injection. An attacker can send a series of HTTP requests to trigger this vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-88,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. A strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "user" value in order to exploit this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "password" value in order to exploit this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long "cameraIp" value in order to exploit this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerability exists in the samsungWifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strcpy at [8] overflows the destination buffer, which has a size of 40 bytes. An attacker can send an arbitrarily long 'callbackUrl' value in order to exploit this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly handles the answer received from a smart camera, leading to a buffer overflow on the stack. An attacker can send a series of HTTP requests to trigger this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts the videoHostUrl field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 128 bytes. An attacker can send an arbitrarily long "secretKey" value in order to exploit this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 32 bytes. An attacker can send an arbitrarily long "accessKey" value in order to exploit this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strncpy overflows the destination buffer, which has a size of 2,000 bytes. An attacker can send an arbitrarily long "sessionToken" value in order to exploit this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 64 bytes. An attacker can send an arbitrarily long "bucket" value in order to exploit this vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 160 bytes. An attacker can send an arbitrarily long "directory" value in order to exploit this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
Multiple exploitable buffer overflow vulnerabilities exist in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. A strncpy overflows the destination buffer, which has a size of 16 bytes. An attacker can send an arbitrarily long "region" value in order to exploit this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable JSON injection vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly parses the user-controlled JSON payload, leading to a JSON injection which in turn leads to a SQL injection in the video-core database. An attacker can send a series of HTTP requests to trigger this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable stack-based buffer overflow vulnerability exists in the database 'find-by-cameraId' functionality of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles existing records inside its SQLite database, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long "startTime" value in order to exploit this vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long 'endTime' value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long "correlationId" value in order to exploit this vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long "callbackUrl" value in order to exploit this vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerability exists in the camera "replace" feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts the URL field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. The memcpy call overflows the destination buffer, which has a size of 512 bytes. An attacker can send an arbitrarily long "url" value in order to overwrite the saved-PC with 0x42424242.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerability exists in the camera "create" feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts the "state" field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable stack-based buffer overflow vulnerability exists in the retrieval of a database field in video-core's HTTP server of Samsung SmartThings Hub. The video-core process insecurely extracts the shard.videoHostURL field from its SQLite database, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, 'on_url' callback. An attacker can send an HTTP request to trigger this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 10.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H | 3.9 | 5.8 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-444,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, URL and body. With the implementation of the on_body callback, defined by sub_41734, an attacker can send an HTTP request to trigger this vulnerability.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-444,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, 'onmessagecomplete' callback. An attacker can send an HTTP request to trigger this vulnerability.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-444,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated message to SmartThings' remote servers, which insecurely handle JSON messages, leading to partially controlled requests generated toward the internal video-core process. An attacker can send an HTTP request to trigger this vulnerability.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-113,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process insecurely extracts the fields from the "shard" table of its SQLite database, leading to a buffer overflow on the stack. The strcpy call overflows the destination buffer, which has a size of 128 bytes. An attacker can send an arbitrarily long "secretKey" value in order to exploit this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 32 bytes. An attacker can send an arbitrarily long "accessKey" value in order to exploit this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 2000 bytes. An attacker can send an arbitrarily long "sessionToken" value in order to exploit this vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 64 bytes. An attacker can send an arbitrarily long "bucket" value in order to exploit this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 136 bytes. An attacker can send an arbitrarily long 'directory' value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process insecurely extracts the fields from the "shard" table of its SQLite database, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. The strcpy call overflows the destination buffer, which has a size of 16 bytes. An attacker can send an arbitrarily long "region" value in order to exploit this vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs for the 'sync' operation, leading to arbitrary deletion of cameras. An attacker can send an HTTP request to trigger this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-707,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process insecurely extracts the fields from the "clips" table of its SQLite database, leading to a buffer overflow on the stack. An attacker can send a series of HTTP requests to trigger this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.9 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 3.1 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable buffer overflow vulnerability exists in the remote video-host communication of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process insecurely parses the AWSELB cookie while communicating with remote video-host servers, leading to a buffer overflow on the heap. An attacker able to impersonate the remote HTTP servers could trigger this vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process incorrectly handles malformed files existing in its data directory, leading to an infinite loop, which eventually causes the process to crash. An attacker can send an HTTP request to trigger this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-191,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
An exploitable information disclosure vulnerability exists in the crash handler of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. When hubCore crashes, Google Breakpad is used to record minidumps, which are sent over an insecure HTTPS connection to the backtrace.io service, leading to the exposure of sensitive data. An attacker can impersonate the remote backtrace.io server in order to trigger this vulnerability.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-295,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sth-eth-250_firmware | 0.20.17 |
On Samsung mobile devices with N(7.x) software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack to discover unlock information (PIN, password, or pattern). The Samsung ID is SVE-2017-10733.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 7.1.2 |
| samsung | samsung_mobile | 7.1 |
| samsung | samsung_mobile | 7.1.1 |
| samsung | samsung_mobile | 7.0 |
Samsung Display Solutions App before 3.02 for Android allows man-in-the-middle attackers to spoof B2B content by leveraging failure to use encryption during information transmission.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-319,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | display_solutions | * |
On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 7.1.2 |
| samsung | samsung_mobile | 7.1 |
| samsung | samsung_mobile | 7.1.1 |
| samsung | samsung_mobile | 7.0 |
On Samsung mobile devices with M(6.0) software, the Email application allows XSS via an event attribute and arbitrary file loading via a src attribute, aka SVE-2017-10747.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
| samsung | samsung_mobile | 5.0 |
| samsung | samsung_mobile | 7.1.2 |
| samsung | samsung_mobile | 7.1 |
| samsung | samsung_mobile | 7.1.1 |
| samsung | samsung_mobile | 7.0 |
| samsung | samsung_mobile | 5.1 |
On Samsung mobile devices with N(7.x) software, attackers can install an arbitrary APK in the Secure Folder SD Card area because of faulty validation of a package signature and package name, aka SVE-2017-10932.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 7.1.2 |
| samsung | samsung_mobile | 7.1 |
| samsung | samsung_mobile | 7.1.1 |
| samsung | samsung_mobile | 7.0 |
On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_mobile | 6.0 |
| samsung | samsung_mobile | 7.1.2 |
| samsung | samsung_mobile | 7.1 |
| samsung | samsung_mobile | 7.1.1 |
| samsung | samsung_mobile | 7.0 |
Samsung S9+, S10, and XCover 4 P(9.0) devices can become temporarily inoperable because of an unprotected intent in the ContainerAgent application. For example, the victim becomes stuck in a launcher with their Secure Folder locked. NOTE: the researcher mentions "the Samsung Security Team considered this issue as no/little security impact.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | s9+_firmware | - |
| samsung | xcover_4_firmware | - |
| samsung | s10_firmware | - |
Samsung SCX-824 printers allow a reflected Cross-Site-Scripting (XSS) vulnerability that can be triggered by using the "print from file" feature, as demonstrated by the sws/swsAlert.sws?popupid=successMsg msg parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | scx-824_firmware | - |
Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.2 | MEDIUM | CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N | 0.5 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| nexus_7_firmware | - | |
| sony | xperia_z4_firmware | - |
| sharp | aquos_zeta_sh-04f_firmware | - |
| fujitsu | arrows_nx_f05-f_firmware | - |
| samsung | galaxy_s4_firmware | - |
| mi | mi_5s_plus_firmware | - |
| nexus_9_firmware | - | |
| samsung | galaxy_s6_edge_firmware | - |
The Samsung A3 Android device with a build fingerprint of samsung/a3y17ltedx/a3y17lte:8.0.0/R16NW/A320YDXU4CSB3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_a3_firmware | - |
The Samsung A5 Android device with a build fingerprint of samsung/a5y17ltexx/a5y17lte:8.0.0/R16NW/A520FXXS8CSC5:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_a5_firmware | - |
The Samsung A7 Android device with a build fingerprint of samsung/a7y17ltexx/a7y17lte:8.0.0/R16NW/A720FXXU7CSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_a7_firmware | - |
The Samsung A8+ Android device with a build fingerprint of samsung/jackpot2ltexx/jackpot2lte:8.0.0/R16NW/A730FXXS4BSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_a8+_firmware | - |
The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltexx/xcover4lte:8.1.0/M1AJQ/G390FXXU3BSA2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_xcover4_firmware | - |
The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltedo/xcover4lte:8.1.0/M1AJQ/G390YDXU2BSA1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_xcover4_firmware | - |
The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltedo/xcover4lte:8.1.0/M1AJQ/G390YDXU2BSA1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_xcover4_firmware | - |
The Samsung J5 Android device with a build fingerprint of samsung/on5xeltedx/on5xelte:8.0.0/R16NW/G570YDXU2CRL1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=6010000, versionName=6.1.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j5_firmware | - |
The Samsung on7xeltelgt Android device with a build fingerprint of samsung/on7xeltelgt/on7xeltelgt:8.1.0/M1AJQ/G610LKLU2CSB1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | on_7_firmware | - |
The Samsung on7xelteskt Android device with a build fingerprint of samsung/on7xelteskt/on7xelteskt:8.1.0/M1AJQ/G610SKSU2CSB1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | on_7_firmware | - |
The Samsung J7 Max Android device with a build fingerprint of samsung/j7maxlteins/j7maxlte:8.1.0/M1AJQ/G615FXXU2BSB1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j7_max_firmware | - |
The Samsung S7 Android device with a build fingerprint of samsung/heroltexx/herolte:8.0.0/R16NW/G930FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s7_firmware | - |
The Samsung S7 Android device with a build fingerprint of samsung/heroltexx/herolte:8.0.0/R16NW/G930FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s7_firmware | - |
The Samsung S7 Android device with a build fingerprint of samsung/heroltexx/herolte:8.0.0/R16NW/G930FXXU3ESAC:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s7_firmware | - |
The Samsung S7 Edge Android device with a build fingerprint of samsung/hero2ltexx/hero2lte:8.0.0/R16NW/G935FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s7_edge_firmware | - |
The Samsung S7 Edge Android device with a build fingerprint of samsung/hero2ltexx/hero2lte:8.0.0/R16NW/G935FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s7_edge_firmware | - |
The Samsung S7 Edge Android device with a build fingerprint of samsung/hero2ltexx/hero2lte:8.0.0/R16NW/G935FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s7_edge_firmware | - |
The Samsung j3popeltecan Android device with a build fingerprint of samsung/j3popeltevl/j3popeltecan:8.1.0/M1AJQ/J327WVLS3BSA2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j3_pop_firmware | - |
The Samsung J3 Android device with a build fingerprint of samsung/j3y17ltedx/j3y17lte:8.0.0/R16NW/J330GDXS3BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=6010000, versionName=6.1.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j3_firmware | - |
The Samsung J3 Android device with a build fingerprint of samsung/j3y17ltedx/j3y17lte:8.0.0/R16NW/J330GDXS3BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=6010000, versionName=6.1.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j3_firmware | - |
The Samsung J4 Android device with a build fingerprint of samsung/j4lteub/j4lte:8.0.0/R16NW/J400MUBS2ASC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j4_firmware | - |
The Samsung J4 Android device with a build fingerprint of samsung/j4lteub/j4lte:8.0.0/R16NW/J400MUBU2ARL4:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j4_firmware | - |
The Samsung J5 Android device with a build fingerprint of samsung/j5y17ltexx/j5y17lte:8.1.0/M1AJQ/J530FXXU3BRL1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j5_firmware | - |
The Samsung J6 Android device with a build fingerprint of samsung/j6ltexx/j6lte:8.0.0/R16NW/J600FNXXU3ASC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j6_firmware | - |
The Samsung J6 Android device with a build fingerprint of samsung/j6ltexx/j6lte:8.0.0/R16NW/J600FNXXU3ASC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j6_firmware | - |
The Samsung J7 Neo Android device with a build fingerprint of samsung/j7veltedx/j7velte:8.1.0/M1AJQ/J701FXXS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j7_neo_firmware | - |
The Samsung J7 Neo Android device with a build fingerprint of samsung/j7velteub/j7velte:8.1.0/M1AJQ/J701MUBS6BSB3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j7_neo_firmware | - |
The Samsung J7 Neo Android device with a build fingerprint of samsung/j7veltedx/j7velte:8.1.0/M1AJQ/J701FXVS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j7_neo_firmware | - |
The Samsung J7 Neo Android device with a build fingerprint of samsung/j7velteub/j7velte:8.1.0/M1AJQ/J701MUBS6BSB4:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j7_neo_firmware | - |
The Samsung J7 Duo Android device with a build fingerprint of samsung/j7duolteub/j7duolte:8.0.0/R16NW/J720MUBS3ASB2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j7_duo_firmware | - |
The Samsung j7popeltemtr Android device with a build fingerprint of samsung/j7popeltemtr/j7popeltemtr:8.1.0/M1AJQ/J727T1UVS5BSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j7_prime_firmware | - |
The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteub/j7y17lte:8.1.0/M1AJQ/J730GUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j7_pro_firmware | - |
The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteubm/j7y17lte:8.1.0/M1AJQ/J730GMUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_j7_pro_firmware | - |
The Text-to-speech Engine (aka SamsungTTS) application before 3.0.02.7 and 3.0.00.101 for Android allows a local attacker to escalate privileges, e.g., to system privileges. The Samsung case ID is 101755.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | text-to-speech | * |
Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_firmware | - |
| trustedconnectivityalliance | s@t_browser | - |
Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8), and Samsung Galaxy Note 2 (Android version: 4.3, Build Number: JSS15J.I9300XUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: N7100DDUFND1) devices allow attackers to send AT commands over Bluetooth, resulting in several Denial of Service (DoS) attacks.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_note_2_firmware | - |
| samsung | galaxy_s8_plus_firmware | - |
| samsung | galaxy_s3_firmware | - |
Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8), and Samsung Galaxy Note 2 (Android version: 4.3, Build Number: JSS15J.I9300XUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: N7100DDUFND1) devices allow injection of AT+CIMI and AT+CGSN over Bluetooth, leaking sensitive information such as IMSI, IMEI, call status, call setup stage, internet service status, signal strength, current roaming status, battery level, and call held status.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_note_2_firmware | - |
| samsung | galaxy_s8_plus_firmware | - |
| samsung | galaxy_s3_firmware | - |
Samsung Galaxy S10 and Note10 devices allow unlock operations via unregistered fingerprints in certain situations involving a third-party screen protector.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | note_10_firmware | - |
| samsung | galaxy_s10_firmware | - |
On Samsung mobile devices with O(8.0) and P(9.0) software and an Exynos 8895 chipset, RKP (aka the Samsung Hypervisor EL2 implementation) allows arbitrary memory write operations. The Samsung ID is SVE-2019-16265.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| android | 8.0 | |
| android | 9.0 | |
| samsung | exynos_8895 | - |
The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 13.09.1100 allows remote code execution by uploading RebootSystem.lnk and requesting /REBOOTSYSTEM or /RESTARTVNC. (Authentication is required but an XML file containing credentials can be downloaded.)
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-434,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | prismview_player_11 | 13.09.1100 |
| samsung | prismview_system_9 | 11.10.17.00 |
An issue was discovered on Samsung mobile devices with any (before October 2019 for S9 or Note9) software. Attackers can manipulate the IMEI. The Samsung ID is SVE-2019-15435 (October 2019).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | note9 | - |
| samsung | s9 | - |
An issue was discovered on Samsung mobile devices with any (before September 2019 for SMP1300 Exynos modem chipsets) software. Attackers can trigger stack corruption in the Shannon modem via a crafted RP-Originator/Destination address. The Samsung ID is SVE-2019-14858 (September 2019).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_smp1300 | - |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to January 2019 Security Update (SMR-JAN-2019 - SVE-2018-13467). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ASN.1 parser. When parsing ASN.1 strings, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7472.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-122,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s9_firmware | * |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to January 2019 Security Update (SMR-JAN-2019 - SVE-2018-13467). User interaction is required to exploit this vulnerability in that the target must connect to a wireless network. The specific flaw exists within the captive portal. By manipulating HTML, an attacker can force a page redirection. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7476.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.3 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N | 2.8 | 5.8 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-601,CWE-601,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s9_firmware | * |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to 1.4.20.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the GameServiceReceiver update mechanism. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7477.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-358,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s9_firmware | * |
This vulnerability allows local attackers to disclose sensitive information on affected installations of Samsung Knox 1.2.02.39 on Samsung Galaxy S9 build G9600ZHS3ARL1 Secure Folder. An attacker must first obtain physical access to the device in order to exploit this vulnerability. The specific flaws exists within the the handling of the lock screen for Secure Folder. The issue results from the lack of proper validation that a user has correctly authenticated. An attacker can leverage this vulnerability to disclose the contents of the secure container. Was ZDI-CAN-7381.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 0.7 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | knox | 1.2.02.39 |
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/swsAlert.sws" in multiple parameters: flag, frame, func, and Nfunc.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | x7400gx_firmware | 6.a6.25 |
| samsung | syncthru_web_service | - |
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/leftmenu.sws" in multiple parameters: ruiFw_id, ruiFw_pid, ruiFw_title.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | x7400gx_firmware | 6.a6.25 |
| samsung | syncthru_web_service | - |
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.application/information/networkinformationView.sws" in the tabName parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | x7400gx_firmware | 6.a6.25 |
| samsung | syncthru_web_service | - |
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.login/gnb/loginView.sws" in multiple parameters: contextpath and basedURL.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | x7400gx_firmware | 6.a6.25 |
| samsung | syncthru_web_service | - |
Modern DRAM chips (DDR4 and LPDDR4 after 2015) are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh (TRR), aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create certain access patterns to trigger bit flips on affected memory modules, aka a Many-sided RowHammer attack. This means that, even when chips advertised as RowHammer-free are used, attackers may still be able to conduct privilege-escalation attacks against the kernel, conduct privilege-escalation attacks against the Sudo binary, and achieve cross-tenant virtual-machine access by corrupting RSA keys. The issue affects chips produced by SK Hynix, Micron, and Samsung. NOTE: tracking DRAM supply-chain issues is not straightforward because a single product model from a single vendor may use DRAM chips from different manufacturers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.0 | CRITICAL | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | 2.2 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| skhynix | lpddr4 | - |
| samsung | lpddr4 | - |
| micron | lpddr4 | - |
| skhynix | ddr4_sdram | - |
| micron | ddr4_sdram | - |
| samsung | ddr4 | - |
An issue was discovered on Samsung mobile devices with any (before February 2020 for Exynos modem chipsets) software. There is a buffer overflow in baseband CP message decoding. The Samsung IDs are SVE-2019-15816 and SVE-2019-15817 (February 2020).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos | - |
A reflected cross site scripting (XSS) vulnerability was discovered on Samsung sww-3400rw Router devices via the m2 parameter of the sess-bin/command.cgi
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sww-3400rw_firmware | - |
An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets). There is a heap-based buffer over-read in the Shannon baseband. The Samsung ID is SVE-2020-17239 (August 2020).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | 3.9 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos | - |
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| arista | o-105_firmware | * |
| arista | c-260_firmware | * |
| arista | c-230_firmware | * |
| arista | w-118_firmware | * |
| arista | c-235_firmware | * |
| arista | c-120_firmware | * |
| arista | c-75_firmware | - |
| arista | c-250_firmware | * |
| siemens | scalance_w700_ieee_802.11n_firmware | * |
| arista | o-90_firmware | - |
| siemens | scalance_w700_ieee_802.11ax_firmware | * |
| arista | c-110_firmware | * |
| arista | c-130_firmware | * |
| arista | c-200_firmware | * |
| arista | w-68_firmware | - |
| arista | c-65_firmware | - |
| arista | c-100_firmware | * |
| samsung | galaxy_i9305_firmware | 4.4.4 |
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| siemens | 6gk5763-1al00-3aa0_firmware | * |
| siemens | 6gk5766-1je00-7ta0_firmware | * |
| siemens | 6gk5763-1al00-7da0_firmware | * |
| siemens | 6gk5766-1ge00-7ta0_firmware | * |
| siemens | 6gk5766-1je00-7da0_firmware | * |
| siemens | 6gk5766-1je00-3da0_firmware | * |
| siemens | 6gk5766-1ge00-3db0_firmware | * |
| siemens | 6gk5766-1ge00-3da0_firmware | * |
| siemens | 6gk5766-1ge00-7db0_firmware | * |
| siemens | 6gk5766-1ge00-7tb0_firmware | * |
| siemens | 6gk5766-1ge00-7da0_firmware | * |
| siemens | 6gk5763-1al00-3da0_firmware | * |
| samsung | galaxy_i9305_firmware | 4.4.4 |
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N | 1.6 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| arista | o-105_firmware | * |
| arista | c-260_firmware | * |
| arista | c-230_firmware | * |
| arista | w-118_firmware | * |
| arista | c-235_firmware | * |
| arista | c-120_firmware | * |
| arista | c-75_firmware | - |
| arista | c-250_firmware | * |
| siemens | scalance_w700_ieee_802.11n_firmware | * |
| arista | o-90_firmware | - |
| arista | c-110_firmware | * |
| arista | c-130_firmware | * |
| siemens | scalance_w1750d_firmware | * |
| arista | c-200_firmware | * |
| arista | w-68_firmware | - |
| arista | c-65_firmware | - |
| arista | c-100_firmware | * |
| siemens | scalance_w1700_ieee_802.11ac_firmware | * |
| samsung | galaxy_i9305_firmware | 4.4.4 |
Samsung Update 3.0.2.0 ~ 3.0.32.0 has a vulnerability that allows privilege escalation as commands crafted by attacker are executed while the engine deserializes the data received during inter-process communication
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| vuln@krcert.or.kr | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-502,CWE-502,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | update | * |
Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not likely limited to the SiLabs UZB-7 version 7.00, ZooZ ZST10 version 6.04, Aeon Labs ZW090-A version 3.95, and Samsung STH-ETH-200 version 6.04, are susceptible to denial of service via malformed routing messages.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-285,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| silabs | 500_series_firmware | * |
| aeotec | zw090-a | 3.95 |
| samsung | sth-eth-200 | 6.04 |
| zooz | zst10 | 6.04 |
| silabs | 700_series_firmware | - |
| silabs | uzb-7 | 7.00 |
Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functions_calloc and mm_zalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | tizenrt | * |
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen in specific condition.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
| mobile.security@samsung.com | 3.2 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L | 0.7 | 2.5 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | pay_mini | * |
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to contacts information over the lockscreen in specific condition.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
| mobile.security@samsung.com | 3.2 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L | 0.7 | 2.5 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | pay_mini | * |
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.2 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L | 0.7 | 2.5 |
| nvd@nist.gov | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | pay_mini | * |
Improper lockscreen status check in cocktailbar service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows unauthenticated users to access hidden notification contents over the lockscreen in specific condition.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 2.5 | LOW | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.0 | 1.4 |
| nvd@nist.gov | 2.5 | LOW | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.0 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-703,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | one_ui | 2.5 |
| android | 10.0 |
Calling of non-existent provider in S Assistant prior to version 6.5.01.22 allows unauthorized actions including denial of service attack by hijacking the provider.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.5 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-287,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | s_assistant | * |
Calling of non-existent provider in SMP sdk prior to version 3.0.9 allows unauthorized actions including denial of service attack by hijacking the provider.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.5 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-287,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | members | * |
Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1) and below) and 3.8.00.13 (in Android P(9.0) and above) allows unauthorized actions including denial of service attack by hijacking the provider.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.5 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-287,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | members | * |
Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 2.1 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 0.7 | 1.4 |
| nvd@nist.gov | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-703,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Using unsafe PendingIntent in Slow Motion Editor prior to version 3.5.18.5 allows local attackers unauthorized action without permission via hijacking the PendingIntent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | slow_motion_editor | * |
Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user information via log.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.9 | LOW | CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.3 | 3.6 |
| mobile.security@samsung.com | 2.0 | LOW | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N | 0.6 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-532,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.2 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L | 0.7 | 2.5 |
| nvd@nist.gov | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 0.9 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-285,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Using PendingIntent with implicit intent in Bixby Voice prior to version 3.0.52.14 allows attackers to execute privileged action by hijacking and modifying the intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-285,CWE-668,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | bixby_voice | * |
Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of Galaxy Themes application without permission via hijacking the PendingIntent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N | 1.8 | 5.2 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-285,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_themes | * |
Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L | 1.8 | 1.4 |
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L | 1.8 | 3.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-285,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-285,CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 2.9 | LOW | CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N | 0.3 | 2.5 |
| mobile.security@samsung.com | 3.2 | LOW | CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N | 0.2 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-703,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.7 | LOW | CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N | 1.2 | 2.5 |
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N | 2.8 | 2.5 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | cloud | * |
Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-285,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | customization_service | * |
An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
| mobile.security@samsung.com | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N | 3.9 | 4.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-285,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | members | * |
Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
| mobile.security@samsung.com | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,CWE-330,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | * |
An improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in certain mailbox in plain text when STARTTLS negotiation is failed.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
| mobile.security@samsung.com | 3.1 | LOW | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N | 1.6 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,CWE-662,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | * |
Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | experience_service | * |
Improper access control of certain port in SmartThings prior to version 1.7.63.6 allows remote temporary denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.8 | 1.4 |
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings | * |
Intent redirection vulnerability in Gallery prior to version 5.4.16.1 allows attacker to execute privileged action.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-926,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gallery | * |
Improper handling of exceptional conditions in Bixby prior to version 3.0.53.02 allows attacker to execute the actions registered by the user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L | 1.6 | 3.7 |
| nvd@nist.gov | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 3.9 | 3.4 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-703,CWE-755,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | bixby | * |
Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-285,CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | 12.1.1.3 |
| samsung | account | 10.8.0.4 |
Intent redirection vulnerability in Bixby Voice prior to version 3.1.12 allows attacker to access contacts.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-561,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | bixby_voice | * |
Improper configuration in Smart Manager prior to version 11.0.05.0 allows attacker to access the file with system privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N | 1.8 | 5.2 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-285,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_manager | * |
Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute privileged action.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-926,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Intent redirection vulnerability in Samsung Health prior to version 6.16 allows attacker to execute privileged action.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | health | * |
Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-922,CWE-922,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0) and above allows attacker to access contacts and file provider using SettingWebView component.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
| samsung | account | 12.2.0.9 |
Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-922,CWE-922,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings_firmware | * |
An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Information exposure vulnerability in Gear S Plugin prior to version 2.2.05.20122441 allows unstrusted applications to access connected BT device information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-922,CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gear_s | * |
Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute arbitrary activity in specific condition.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in address bar via phising URL link.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-703,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Improper log management vulnerability in Galaxy Watch PlugIn prior to version 2.2.05.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-779,CWE-532,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_watch_plugin | * |
Improper log management vulnerability in Galaxy Watch3 PlugIn prior to version 2.2.09.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-779,CWE-532,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_watch_3_plugin | * |
Improper log management vulnerability in Watch Active PlugIn prior to version 2.2.07.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-779,CWE-532,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | watch_active_plugin | * |
Improper log management vulnerability in Watch Active2 PlugIn prior to 2.2.08.21033151 version allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone via log.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-779,CWE-532,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | watch_active2_plugin | * |
Improper authentication vulnerability in Tizen bluetooth-frwk prior to Firmware update JUN-2021 Release allows bluetooth attacker to take over the user's bluetooth device without user awareness.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gear_2_firmware | * |
| samsung | gear_2_neo_firmware | * |
| samsung | galaxy_watch_active_firmware | * |
| samsung | gear_s3_firmware | * |
| samsung | gear_s2_firmware | * |
| samsung | galaxy_watch_firmware | * |
| samsung | gear_s_firmware | * |
| samsung | galaxy_watch_active_2_firmware | * |
| samsung | galaxy_watch_3_firmware | * |
Improper check vulnerability in Samsung Health prior to version 6.17 allows attacker to read internal cache data via exported component.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-703,CWE-754,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | health | * |
Improper access control vulnerability in Cameralyzer prior to versions 3.2.1041 in 3.2.x, 3.3.1040 in 3.3.x, and 3.4.4210 in 3.4.x allows untrusted applications to access some functions of Cameralyzer.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | cameralyzer | * |
Information exposure vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to access chat data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-668,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_members | 3.9.10.11 |
| samsung | samsung_members | * |
Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause local file inclusion in webview.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | members | * |
| samsung | members | 3.9.10.11 |
Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbitrary webpage loading in webview.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | members | * |
| samsung | members | 3.9.10.11 |
Improper access control vulnerability in FactoryCameraFB prior to version 3.4.74 allows untrusted applications to access arbitrary files with an escalated privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | factorycamerafb | * |
Improper input validation vulnerability in AR Emoji Editor prior to version 4.4.03.5 in Android Q(10.0) and above allows untrusted applications to access arbitrary files with an escalated privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | ar_emoji_editor | 4.4.03.5 |
Improper MDM policy management vulnerability in KME module prior to KCS version 1.39 allows MDM users to bypass Knox Manage authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | knox_cloud_services | * |
Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in Samsung Internet.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause arbitrary webpage loading in webview.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings_firmware | * |
Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause local file inclusion in webview.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings_firmware | * |
Improper access control vulnerability in Smart Touch Call prior to version 1.0.0.5 allows arbitrary webpage loading in webview.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_touch_call | * |
Improper access control vulnerability in PENUP prior to version 3.8.00.18 allows arbitrary webpage loading in webview.
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | penup | * |
An improper file management vulnerability in SamsungCapture prior to version 4.8.02 allows sensitive information leak.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | capture | * |
An improper scheme check vulnerability in Samsung Themes prior to version 5.2.01 allows attackers to perform Man-in-the-middle attack.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| nvd@nist.gov | 7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.0 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | themes | * |
Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and obtain Samsung Account token.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.2 | 3.6 |
| mobile.security@samsung.com | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H | 1.8 | 5.2 |
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H | 2.5 | 4.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-787,CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H | 1.8 | 5.2 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H | 2.5 | 4.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-122,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H | 2.5 | 4.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-120,CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H | 2.5 | 4.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-120,CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H | 2.5 | 4.7 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-120,CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Intent redirection vulnerability in SamsungAccountSDKSigninActivity of Galaxy Store prior to version 4.5.32.4 allows attacker to access content provider of Galaxy Store.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N | 1.8 | 5.2 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-285,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Intent redirection vulnerability in Group Sharing prior to 10.8.03.2 allows attacker to access contact information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | group_sharing | * |
Improper authentication in Samsung Pass prior to 3.0.02.4 allows to use app without authentication when lockscreen is unlocked.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_pass | * |
Non-existent provider in Samsung Health prior to 6.19.1.0001 allows attacker to access it via malicious content provider or lead to denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.5 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-287,CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | health | * |
Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows Samsung Flow PC application connected with user device to access part of notification data in Secure Folder without authorization.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.7 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.1 | 3.6 |
| nvd@nist.gov | 5.7 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.1 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-285,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_flow | * |
Improper privilege management vulnerability in API Key used in SmartThings prior to 1.7.73.22 allows an attacker to abuse the API key without limitation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-269,CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings | * |
A missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attackers to overwrite abtraty file in the Windows known folders.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H | 1.8 | 5.2 |
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_flow | * |
Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to execute script codes in Samsung Internet.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to get current tab URL in Samsung Internet.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-285,CWE-552,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02.10 allows attacker to access victim's captured images without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | 1.8 | 3.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-922,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_capture | * |
Insecure storage of device information in Samsung Dialer prior to version 12.7.05.24 allows attacker to get Samsung Account ID.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-922,CWE-922,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | dialer | * |
Insecure storage of device information in Contacts prior to version 12.7.05.24 allows attacker to get Samsung Account ID.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-922,CWE-922,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | contacts | * |
Improper check or handling of exception conditions vulnerability in Samsung Pay (US only) prior to version 4.0.65 allows attacker to use NFC without user recognition.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 2.0 | LOW | CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:C/C:N/I:N/A:L | 0.4 | 1.4 |
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-703,CWE-754,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | pay | * |
Intent redirection vulnerability in Samsung Blockchain Wallet prior to version 1.3.02.8 allows attacker to execute privileged action.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-926,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | blockchain_wallet | * |
Improper export of Android application components vulnerability in Samsung Pay (India only) prior to version 4.1.77 allows attacker to access Bill Pay and Recharge menu without authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 3.8 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N | 2.0 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-926,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | pay | * |
A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | multixpress_sl-x7400_ss053a | - |
| samsung | xpress_sl-m2876_ss356a | - |
| samsung | xpress_sl-m2070_ss297a | - |
| samsung | xpress_sl-m2670_ss331a | - |
| samsung | proxpress_sl-c4010_ss216g | - |
| samsung | sf-760_ss196a | - |
| samsung | proxpress_sl-m3820_ss373g | - |
| hp | laser_mfp_130_4zb84a | - |
| samsung | proxpress_sl-m3820_ss373n | - |
| samsung | proxpress_sl-c3060_ss213f | - |
| samsung | proxpress_sl-m3820_ss373z | - |
| samsung | scx-3405_sv943a | - |
| hp | laser_mfp_130_4zb90a | - |
| samsung | proxpress_sl-m4075_ss393a | - |
| hp | laser_mfp_130_4zb92a | - |
| samsung | multixpress_sl-x4250_ss048a | - |
| hp | laserjet_mfp_m437_7zb20a | - |
| samsung | xpress_sl-m2625_ss326a | - |
| samsung | xpress_sl-m2676_sw113a | - |
| hp | laserjet_mfp_m438_8af44a | - |
| samsung | sf-760_ss199a | - |
| samsung | proxpress_sl-m3820_ss372c | - |
| samsung | ml-5510_ss152a | - |
| samsung | proxpress_sl-c3060_ss211h | - |
| samsung | xpress_sl-m2620_ss322a | - |
| samsung | proxpress_sl-c4060_ss218a | - |
| samsung | xpress_sl-m2671_ss333a | - |
| hp | color_laser_mfp_170_6hu08a | - |
| samsung | xpress_sl-c480_ss255a | - |
| samsung | ml-6510_ss153a | - |
| samsung | scx-3406_sv947a | - |
| samsung | clx-6260_ss108a | - |
| samsung | multixpress_scx-8128_sw172a | - |
| samsung | ml-5017_ss148a | - |
| samsung | proxpress_sl-c4010_ss216h | - |
| samsung | proxpress_sl-m4024_ss385a | - |
| samsung | clp-365_sw139a | - |
| samsung | proxpress_sl-c3010_ss210e | - |
| samsung | xpress_sl-m2070_ss298a | - |
| hp | laserjet_mfp_m42523_7zb25a | - |
| samsung | multixpress_scx-8128_ss018a | - |
| samsung | proxpress_sl-c4010_ss216z | - |
| samsung | xpress_sl-m2675_ss335a | - |
| samsung | proxpress_sl-c4010_ss216t | - |
| hp | laserjet_mfp_m437_7zb19a | - |
| samsung | multixpress_sl-k4350_ss033a | - |
| samsung | ml-6510_sv901a | - |
| samsung | scx-5639_st676a | - |
| samsung | proxpress_sl-m3820_ss371c | - |
| samsung | clx-6260_sw177a | - |
| samsung | multixpress_clx-9301_sw179a | - |
| samsung | scx-4521_sv967a | - |
| samsung | proxpress_sl-c4010_ss216e | - |
| hp | laserjet_mfp_m436_w7u01a | - |
| samsung | clx-3305_ss094a | - |
| samsung | proxpress_sl-c3010_ss210h | - |
| samsung | ml-6510_sv899c | - |
| samsung | proxpress_sl-c4010_ss215a | - |
| samsung | proxpress_sl-m3375fd_ss369b | - |
| samsung | proxpress_sl-m4070_ss390c | - |
| samsung | proxpress_sl-m4560_ss400a | - |
| samsung | xpress_sl-m2835_ss346a | - |
| samsung | ml-5510_ss151a | - |
| samsung | sf-760_ss195a | - |
| samsung | xpress_sl-c430_ss230a | - |
| hp | laserjet_mfp_m440_8af47a | - |
| hp | laser_mfp_130_6hu12a | - |
| samsung | xpress_sl-m2625_ss327a | - |
| samsung | scx-5737_sw045a | - |
| samsung | multixpress_sl-x3280_ss044a | - |
| samsung | scx-5635_sw040a | - |
| samsung | proxpress_sl-c3060_ss213b | - |
| samsung | proxpress_sl-c4062_ss219a | - |
| samsung | proxpress_sl-m3825_ss376a | - |
| hp | laser_mfp_130_4zb87a | - |
| samsung | proxpress_sl-m3875_ss380a | - |
| samsung | scx-4021_ss165a | - |
| samsung | multixpress_sl-x7400_ss054a | - |
| hp | laser_mfp_130_6hu10a | - |
| samsung | xpress_sl-m2870_ss349a | - |
| samsung | scx-3406_sv946a | - |
| samsung | proxpress_sl-c3010_ss210m | - |
| hp | color_laser_150_4zb94a | - |
| samsung | xpress_sl-m2626_ss328a | - |
| samsung | clp-680_ss075a | - |
| hp | laser_mfp_432_7uq76a | - |
| samsung | clp-360_ss062a | - |
| samsung | xpress_sl-m2875_ss351a | - |
| hp | laserjet_mfp_m42625_8af51a | - |
| samsung | scx-3401_ss158a | - |
| hp | laser_mfp_130_4zb88a | - |
| samsung | clx-6260_ss106a | - |
| samsung | proxpress_sl-m4580_ss402a | - |
| samsung | proxpress_sl-c4010_ss216c | - |
| hp | laser_100_4zb79a | - |
| samsung | proxpress_sl-m3820_ss373j | - |
| hp | laserjet_mfp_m438_8af45a | - |
| hp | laser_100_4zb81a | - |
| samsung | proxpress_sl-c3060_ss211p | - |
| samsung | xpress_sl-m2620_ss323a | - |
| samsung | xpress_sl-m2626_ss329a | - |
| samsung | proxpress_sl-m4020_ss383x | - |
| samsung | xpress_sl-m2676_ss338a | - |
| samsung | multixpress_sl-m4370_sw117a | - |
| samsung | multixpress_sl-k4250_ss030a | - |
| samsung | xpress_sl-m2825_ss343a | - |
| samsung | proxpress_sl-m3820_ss373l | - |
| samsung | proxpress_sl-m4025_ss386a | - |
| hp | laserjet_mfp_m72625-m72630_2zn50a | - |
| samsung | proxpress_sl-m3820_ss371b | - |
| samsung | multixpress_sl-k7600_ss041a | - |
| samsung | proxpress_sl-m3820_ss373c | - |
| samsung | xpress_sl-m3015_ss360a | - |
| samsung | proxpress_sl-c3010_ss210b | - |
| samsung | proxpress_sl-c4010_ss216d | - |
| samsung | proxpress_sl-m4020_4pt7b | - |
| samsung | proxpress_sl-m4530_ss397e | - |
| samsung | proxpress_sl-m3820_ss373m | - |
| samsung | scx-3406_ss164a | - |
| samsung | scx-4521_sw129a | - |
| samsung | multixpress_scx-8240_sw185a | - |
| samsung | scx-4650_sb983a | - |
| samsung | proxpress_sl-m4530_ss397g | - |
| samsung | xpress_sl-c480_ss254a | - |
| samsung | proxpress_sl-c3060_ss211l | - |
| samsung | proxpress_sl-m3820_ss373p | - |
| samsung | proxpress_sl-c4010_ss216n | - |
| samsung | proxpress_sl-m3820_ss373k | - |
| samsung | scx-3401_sv393a | - |
| samsung | scx-5637_ss182a | - |
| samsung | scx-4521_sv530a | - |
| hp | color_laser_mfp_170_6hu09a | - |
| samsung | scx-4521_sv966a | - |
| samsung | proxpress_sl-m4020_ss383k | - |
| hp | color_laser_150_4zb95a | - |
| samsung | xpress_sl-m2826_ss344a | - |
| samsung | proxpress_sl-c3060_ss211g | - |
| samsung | clp-365_ss066a | - |
| samsung | xpress_sl-m2876_ss357a | - |
| samsung | proxpress_sl-m3820_ss373h | - |
| samsung | ml-5510_ss149a | - |
| samsung | multixpress_sl-k4250_ss031a | - |
| samsung | xpress_sl-c480_ss256a | - |
| samsung | scx-3405_ss160a | - |
| samsung | scx-5737_ss183a | - |
| samsung | scx-5637_sw043a | - |
| samsung | proxpress_sl-m3820_ss373t | - |
| samsung | scx-4521_sv968a | - |
| samsung | xpress_sl-m2821_ss341a | - |
| samsung | scx-4833_ss180a | - |
| samsung | proxpress_sl-m3320nd_ss365a | - |
| samsung | scx-5635_sw041a | - |
| samsung | proxpress_sl-c3010_ss210d | - |
| samsung | proxpress_sl-c4010_ss216a | - |
| hp | laserjet_mfp_m436_2ky38a | - |
| samsung | ml-4512_ss142a | - |
| samsung | multixpress_sl-x7600_ss059a | - |
| samsung | xpress_sl-m2070_ss295a | - |
| samsung | ml-5015_ss147a | - |
| samsung | proxpress_sl-c3010_ss210f | - |
| samsung | proxpress_sl-m3820_ss373b | - |
| samsung | xpress_sl-m2875_ss352a | - |
| samsung | xpress_sl-m2676_ss337a | - |
| samsung | scx-4650_ss171a | - |
| samsung | proxpress_sl-c3010_ss201c | - |
| hp | laserjet_mfp_m443_8af72a | - |
| samsung | proxpress_sl-c3060_ss211e | - |
| samsung | proxpress_sl-c4010_ss216q | - |
| samsung | scx-4655_ss174a | - |
| samsung | proxpress_sl-m4020_ss383c | - |
| samsung | multixpress_scx-8230_ss021a | - |
| hp | laser_mfp_130_4zb93a | - |
| samsung | proxpress_sl-c3060_ss211k | - |
| samsung | xpress_sl-m2820_ss339a | - |
| samsung | xpress_sl-m2070_ss296a | - |
| hp | laser_mfp_130_6hu11a | - |
| samsung | multixpress_scx-8128_ss019a | - |
| samsung | multixpress_sl-x7500_ss055a | - |
| samsung | proxpress_sl-m3825_ss375a | - |
| samsung | proxpress_sl-m3820_ss373v | - |
| samsung | xpress_sl-m2020_ss272a | - |
| samsung | ml-6510_sv900a | - |
| samsung | scx-3405_ss161a | - |
| samsung | multixpress_clx-9301_sw152a | - |
| samsung | proxpress_sl-m3375fd_ss369c | - |
| samsung | proxpress_sl-c4010_ss216p | - |
| samsung | clp-775_ss078a | - |
| samsung | scx-4521_sv969a | - |
| hp | laserjet_mfp_m440_8af48a | - |
| samsung | proxpress_sl-c3060_ss213h | - |
| hp | laserjet_mfp_m42523_7ab26a | - |
| samsung | scx-3406_sw127a | - |
| samsung | proxpress_sl-c3010_ss210j | - |
| samsung | proxpress_sl-c3060_ss213a | - |
| samsung | xpress_sl-m2070_ss293a | - |
| samsung | scx-4521_ss167a | - |
| samsung | scx-4833_sw019a | - |
| samsung | proxpress_sl-c3060_ss211n | - |
| hp | laserjet_mfp_m437_7zb21a | - |
| samsung | multixpress_sl-k2200_ss024a | - |
| samsung | proxpress_sl-m3870_ss378a | - |
| samsung | clx-3305_ss096a | - |
| hp | color_laser_mfp_170_4zb97a | - |
| samsung | proxpress_sl-c3060_ss211q | - |
| samsung | proxpress_sl-m3875_ss379a | - |
| samsung | multixpress_sl-k7600_ss042a | - |
| samsung | scx-3405_ss159a | - |
| samsung | xpress_sl-m2870_ss348a | - |
| samsung | scx-5635_sw093a | - |
| samsung | xpress_sl-m2621_ss325a | - |
| hp | laserjet_mfp_m438_8af43a | - |
| samsung | proxpress_sl-m3375fd_ss369d | - |
| samsung | scx-3405_ss163a | - |
| samsung | multixpress_clx-9301_ss007a | - |
| samsung | scx-3400_ss155a | - |
| samsung | xpress_sl-m2070_ss294a | - |
| hp | laserjet_mfp_m442_8af71a | - |
| samsung | proxpress_sl-m4025_ss387a | - |
| samsung | proxpress_sl-m3321_ss366a | - |
| samsung | sf-760_ss198a | - |
| samsung | proxpress_sl-m3870_ss377a | - |
| samsung | proxpress_sl-m3820_ss371a | - |
| samsung | scx-3405_ss162a | - |
| samsung | multixpress_clx-9251_ss005a | - |
| samsung | proxpress_sl-m3820_ss373q | - |
| samsung | proxpress_sl-m4020_4pt87a | - |
| samsung | proxpress_sl-c3010_ss210l | - |
| samsung | xpress_sl-m2880_ss358a | - |
| hp | laser_100_5ue14a | - |
| samsung | multixpress_sl-m5370_sw121a | - |
| samsung | ml-5510_ss150a | - |
| samsung | proxpress_sl-c4010_ss216k | - |
| samsung | proxpress_sl-c3010_ss210p | - |
| hp | color_laser_mfp_170_4zb96a | - |
| hp | laserjet_mfp_m42625_8af49a | - |
| samsung | proxpress_sl-m4070_ss389j | - |
| samsung | scx-5737_sw046a | - |
| samsung | xpress_sl-m2020_ss271a | - |
| samsung | proxpress_sl-c3010_ss209a | - |
| samsung | proxpress_sl-m3820_ss373e | - |
| samsung | proxpress_sl-m4075_ss394a | - |
| hp | laser_408_7uq75a | - |
| samsung | xpress_sl-m2871_ss350a | - |
| samsung | proxpress_sl-c3060_ss213d | - |
| samsung | proxpress_sl-c3060_ss213g | - |
| samsung | xpress_sl-m2875_ss354a | - |
| samsung | multixpress_sl-k7400_ss037a | - |
| samsung | proxpress_sl-c4010_ss216j | - |
| samsung | clp-368_sv601a | - |
| samsung | proxpress_sl-m4560_ss399a | - |
| samsung | scx-4650_ss172a | - |
| hp | laserjet_mfp_m439_7zb22a | - |
| samsung | proxpress_sl-c4010_ss216m | - |
| hp | laserjet_mfp_m439_7zb23a | - |
| samsung | proxpress_sl-c3060_s221b | - |
| samsung | multixpress_sl-k7500_ss040a | - |
| samsung | xpress_sl-m2675_sw112a | - |
| hp | laser_mfp_130_4zb85a | - |
| samsung | ml-5010_ss145a | - |
| samsung | proxpress_sl-m3375fd_ss369e | - |
| samsung | proxpress_sl-c3010_ss210g | - |
| samsung | proxpress_sl-m3875_ss381a | - |
| samsung | xpress_sl-m2620_ss324a | - |
| samsung | xpress_sl-m2675_ss334a | - |
| samsung | proxpress_sl-c4010_ss216f | - |
| samsung | proxpress_sl-c4010_ss216v | - |
| samsung | scx-3400_ss156a | - |
| samsung | clp-560_sv612a | - |
| samsung | multixpress_sl-x7600_ss058a | - |
| hp | laserjet_mfp_m42523_7zb72a | - |
| hp | laserjet_mfp_m440_8af46a | - |
| samsung | multixpress_sl-k4300_ss032a | - |
| samsung | clp-775_ss079a | - |
| samsung | proxpress_sl-c3060_ss213e | - |
| samsung | proxpress_sl-m4072_ss391a | - |
| samsung | clx-6260_ss107a | - |
| hp | laser_mfp_130_9vv52a | - |
| samsung | xpress_sl-m2875_ss353a | - |
| samsung | multixpress_scx-8240_ss022a | - |
| samsung | xpress_sl-m2670_ss330a | - |
| samsung | proxpress_sl-m3375fd_ss369a | - |
| samsung | xpress_sl-m2820_ss340a | - |
| hp | laser_mfp_130_4zb91a | - |
| samsung | multixpress_sl-k3300_ss028a | - |
| samsung | proxpress_sl-m4580_ss401a | - |
| samsung | clp-366_ss068a | - |
| hp | laserjet_mfp_m42625_8af50a | - |
| samsung | proxpress_sl-c3010_ss210k | - |
| samsung | proxpress_sl-m3820_ss373w | - |
| samsung | xpress_sl-m2876_ss355a | - |
| samsung | clx-6260_ss105a | - |
| hp | laserjet_mfp_m72625-m72630_2zn49a | - |
| samsung | proxpress_sl-m3825_ss374a | - |
| samsung | scx-4521_ss168a | - |
| samsung | proxpress_sl-m3820_ss375b | - |
| samsung | scx-4835_sw021a | - |
| samsung | xpress_sl-c480_ss257a | - |
| hp | laser_mfp_130_5ue15a | - |
| samsung | proxpress_sl-m4020_ss383y | - |
| samsung | proxpress_sl-m4030_ss388a | - |
| samsung | xpress_sl-m2885_ss359a | - |
| samsung | ml-4510_ss141a | - |
| samsung | clx-3305_ss093a | - |
| hp | laser_mfp_130_4zb82a | - |
| samsung | multixpress_sl-m5370_ss404a | - |
| samsung | clp-365_ss067a | - |
| hp | laser_100_209u7a | - |
| samsung | proxpress_sl-c3060_ss211m | - |
| samsung | sf-760_ss197a | - |
| samsung | scx-4833_ss181a | - |
| samsung | proxpress_sl-c4010_ss216s | - |
| samsung | multixpress_sl-m4370_ss396a | - |
| samsung | scx-3406_sv945a | - |
| samsung | scx-3400_sv938a | - |
| samsung | xpress_sl-m2825_ss342a | - |
| hp | laserjet_mfp_m436_w7u02a | - |
| samsung | ml-5012_ss146a | - |
| hp | laserjet_mfp_m42625_8af52a | - |
| samsung | scx-4835_sw020a | - |
| samsung | proxpress_sl-m3375fd_ss368f | - |
| samsung | clp-680_ss076a | - |
| samsung | ml-5510_sv898a | - |
| samsung | proxpress_sl-c4010_ss216l | - |
| samsung | ml-3750_ss138a | - |
| samsung | multixpress_sl-x7500_ss056a | - |
| samsung | proxpress_sl-c3060_ss211j | - |
| samsung | proxpress_sl-c3060_ss213c | - |
| hp | laser_100_4zb80a | - |
| samsung | scx-3405_sw314a | - |
| samsung | proxpress_sl-c4010_ss216b | - |
| samsung | multixpress_sl-x3220nr_ss043e | - |
| samsung | multixpress_sl-k3250_ss027e | - |
| hp | laser_mfp_130_4zb83a | - |
| samsung | proxpress_sl-m3820_ss371d | - |
| samsung | multixpress_sl-k2200_ss025a | - |
| samsung | proxpress_sl-m3325_ss367a | - |
| samsung | proxpress_sl-m3875_ss382a | - |
| samsung | proxpress_sl-c3010_ss210a | - |
| samsung | proxpress_sl-m3370_ss378a | - |
| hp | laser_mfp_130_4zb89a | - |
| hp | laserjet_mfp_m433_1vr14a | - |
| samsung | proxpress_sl-m3820_ss373u | - |
| samsung | proxpress_sl-c4010_ss216u | - |
| samsung | proxpress_sl-m3820_ss373d | - |
| samsung | clx-3300_ss088a | - |
| samsung | multixpress_sl-x4300_ss049a | - |
| samsung | multixpress_sl-k7500_ss039a | - |
| samsung | multixpress_scx-8240_st717a | - |
| samsung | proxpress_sl-m3820_ss373s | - |
| samsung | xpress_sl-m2675_ss336a | - |
| samsung | clx-3305_ss095a | - |
| samsung | multixpress_sl-k7400_ss038a | - |
| hp | laser_mfp_130_4zb86a | - |
| samsung | proxpress_sl-c3060_ss211f | - |
| samsung | scx-3406_sv298a | - |
| samsung | scx-4655_sv988a | - |
| samsung | proxpress_sl-m3820_ss373a | - |
| samsung | xpress_sl-m2671_ss332a | - |
| samsung | multixpress_scx-8128_ss020a | - |
| samsung | proxpress_sl-c4012_ss217a | - |
| samsung | xpress_sl-c1860_ss205a | - |
| samsung | scx-3405_sw313a | - |
| samsung | proxpress_sl-c3060_ss211c | - |
| samsung | proxpress_sl-m3820_ss373f | - |
| samsung | proxpress_sl-m4020_ss383l | - |
| samsung | proxpress_sl-c3060_ss211a | - |
| samsung | clp-560_sv611a | - |
| hp | laserjet_mfp_m439_7zb24a | - |
| samsung | clx-3300_sv677a | - |
| samsung | proxpress_sl-m4075_ss392a | - |
| samsung | proxpress_sl-m4080_ss395a | - |
| samsung | multixpress_clx-9251_sv719a | - |
| samsung | scx-4655_sv989a | - |
| samsung | scx-3401_ss157a | - |
| samsung | proxpress_sl-c3060_ss211d | - |
| samsung | multixpress_sl-m5360_ss403a | - |
| samsung | proxpress_sl-m4530_ss398d | - |
| samsung | xpress_sl-c430_ss229a | - |
| samsung | ml-5510_sv897a | - |
| samsung | multixpress_sl-x4220_ss047a | - |
| samsung | clp-366_sv600a | - |
| samsung | ml-6510_ss154a | - |
An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain escalated privileges via MITM attacks.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | syncthru_web_service | 5.93 |
Samsung Drive Manager 2.0.104 on Samsung H3 devices allows attackers to bypass intended access controls on disk management. WideCharToMultiByte, WideCharStr, and MultiByteStr can contribute to password exposure.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-522,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | drive_manager | 2.0.104 |
Modern DRAM devices (PC-DDR4, LPDDR4X) are affected by a vulnerability in their internal Target Row Refresh (TRR) mitigation against Rowhammer attacks. Novel non-uniform Rowhammer access patterns, consisting of aggressors with different frequencies, phases, and amplitudes allow triggering bit flips on affected memory modules using our Blacksmith fuzzer. The patterns generated by Blacksmith were able to trigger bitflips on all 40 PC-DDR4 DRAM devices in our test pool, which cover the three major DRAM manufacturers: Samsung, SK Hynix, and Micron. This means that, even when chips advertised as Rowhammer-free are used, attackers may still be able to exploit Rowhammer. For example, this enables privilege-escalation attacks against the kernel or binaries such as the sudo binary, and also triggering bit flips in RSA-2048 keys (e.g., SSH keys) to gain cross-tenant virtual-machine access. We can confirm that DRAM devices acquired in July 2020 with DRAM chips from all three major DRAM vendors (Samsung, SK Hynix, Micron) are affected by this vulnerability. For more details, please refer to our publication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| vulnerability@ncsc.ch | 9.0 | CRITICAL | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | 2.2 | 6.0 |
| nvd@nist.gov | 8.3 | HIGH | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | 1.6 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | ddr4_sdram_firmware | - |
| samsung | lddr4_firmware | - |
| skhynix | ddr4_sdram_firmware | - |
| skhynix | lddr4_firmware | - |
| micron | lddr4_firmware | - |
| micron | ddr4_sdram_firmware | - |
The SyncThru Web Service on Samsung SCX-6x55X printers allows an attacker to gain access to a list of SMB users and cleartext passwords by reading the HTML source code. Authentication is not required.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-522,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | syncthru_web_service | - |
This vulnerability allows local attackers to execute arbitrary code on affected installations of Samsung Galaxy S21 prior to 4.5.40.5 phones. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of redirections. An attacker can force a redirection to a site that serves malicious content. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the current user. Was ZDI-CAN-15918.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.9 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N | 1.3 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s21_firmware | * |
Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging out from Samsung Health App.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 2.8 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N | 1.3 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-287,CWE-613,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | health | * |
Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 5.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N | 1.4 | 4.2 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-287,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
A vulnerability using PendingIntent in Reminder prior to version 12.2.05.0 in Android R(11.0) and 12.3.02.1000 in Android S(12.0) allows attackers to execute privileged action by hijacking and modifying the intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N | 1.8 | 5.2 |
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 1.8 | 2.5 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-94,CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | reminder | * |
A vulnerability using PendingIntent in Bixby Routines prior to version 3.1.21.8 in Android R(11.0) and 2.6.30.5 in Android Q(10.0) allows attackers to execute privileged action by hijacking and modifying the intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N | 1.8 | 5.2 |
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 1.8 | 2.5 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-94,CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | bixby_routines | * |
Abitrary file access vulnerability in Samsung Email prior to 6.1.60.16 allows attacker to read isolated data in sandbox.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
| mobile.security@samsung.com | 3.9 | LOW | CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N | 0.2 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_email | * |
Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app installation of the allowlist.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-285,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Improper access control vulnerability in S Assistant prior to version 7.5 allows attacker to remotely get senstive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | s_assistant | * |
Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers to perform domain spoofing via a crafted HTML page.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
| mobile.security@samsung.com | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-703,CWE-755,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08.6000 in Andoid Q(10) allows attackers to register reminders or execute exporeted activities remotely.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | reminder | * |
A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S(12), 3.7.50.6 in Andorid R(11) and below allows attackers to execute privileged action by hijacking and modifying the intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 1.8 | 2.5 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-94,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | bixby | * |
An Improper access control vulnerability in StBedtimeModeReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to change bedtime mode without a proper permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L | 1.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | * |
Unprotected component vulnerability in StBedtimeModeAlarmReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to change bedtime mode without a proper permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.5 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | * |
Unprotected component vulnerability in StTheaterModeReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to enable bedtime mode without a proper permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | * |
Unprotected component vulnerability in StTheaterModeDurationAlarmReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to disable theater mode without a proper permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.5 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | * |
Improper access control vulnerability in Camera prior to versions 11.1.02.16 in Android R(11), 10.5.03.77 in Android Q(10) and 9.0.6.68 in Android P(9) allows untrusted applications to take a picture in screenlock status.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | camera | * |
Improper Authorization vulnerability in Link Sharing prior to version 12.4.00.3 allows attackers to open protected activity via PreconditionActivity.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-285,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | link_sharing | * |
Exposure of Sensitive Information vulnerability in Bixby Vision prior to version 3.7.50.6 allows attackers to access internal data of Bixby Vision via unprotected intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | bixby_vision | * |
Improper access control vulnerability in Samsung SearchWidget prior to versions 2.3.00.6 in China models allows untrusted applications to load arbitrary URL and local files in webview.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | searchwidget | * |
An improper access control in LiveWallpaperService prior to versions 3.0.9.0 allows to create a specific named system directory without a proper permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 2.2 | LOW | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N | 0.8 | 1.4 |
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | livewallpaperservice | * |
Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.15-6 allows privileged attackers to trigger a XSS on a victim's devices.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.7 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.1 | 3.6 |
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | 2.3 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smarttagplugin | * |
Improper privilege management vulnerability in Samsung Video Player prior to version 7.3.15.30 allows attackers to execute video files without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| mobile.security@samsung.com | 4.2 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L | 0.8 | 3.4 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-269,CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | video_player | * |
An Improper access control vulnerability in StRetailModeReceiver in Wear OS 3.0 prior to Firmware update MAR-2022 Release allows untrusted applications to reset default app settings without a proper permission
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 1.8 | 2.5 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | 3.0 |
Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.2 | MEDIUM | CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N | 0.5 | 3.6 |
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 0.9 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-424,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| android | 11.0 | |
| samsung | cloud | * |
| android | 10.0 | |
| android | 12.0 |
A DLL hijacking vulnerability in Samsung portable SSD T5 PC software before 1.6.9 could allow a local attacker to escalate privileges. (An attacker must already have user privileges on Windows 7, 10, or 11 to exploit this vulnerability.)
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | 1.3 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | t5_firmware | * |
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741 allows attackers to access user information in log.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 1.9 | LOW | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N | 0.5 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-532,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_watch_plugin | * |
Improper access control vulnerability in BixbyTouch prior to version 2.2.00.6 in China models allows untrusted applications to load arbitrary URL and local files in webview.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | bixby_touch | * |
Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows attacker to access password information of connected WiFiAp in the log
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 1.9 | LOW | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N | 0.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-532,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_watch_3_plugin | * |
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows attacker to access password information of connected WiFiAp in the log
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 1.9 | LOW | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N | 0.5 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-532,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_watch_plugin | * |
Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows attacker to access password information of connected WiFiAp in the log
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 1.9 | LOW | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N | 0.5 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-532,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | watch_active_plugin | * |
Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751 allows attacker to access password information of connected WiFiAp in the log
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 1.9 | LOW | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N | 0.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-532,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | watch_active2_plugin | * |
Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751 allows attacker to access password information of connected WiFiAp in the log
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 1.9 | LOW | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N | 0.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-532,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_watch_3_plugin | * |
A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0) allows attacker to access the file with system privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 1.8 | 2.5 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,CWE-552,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | accessibility | * |
Improper access control vulnerability in FactoryCamera prior to version 2.1.96 allows attacker to access the file with system privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.7 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 2.5 | 5.2 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | factorycamera | * |
Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1 allows attackers to access bookmark tab without proper credentials.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| nvd@nist.gov | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local attckers to delete arbitrary files as SamsungRecovery permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-269,CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | recovery | * |
Improper exception handling in Samsung Pass prior to version 3.7.07.5 allows physical attacker to view the screen that is previously running without authentication
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 0.7 | 3.6 |
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 0.7 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-703,CWE-755,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_pass | * |
DLL hijacking vulnerability in Smart Switch PC prior to version 4.2.22022_4 allows attacker to execute abitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.5 | 3.6 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch_pc | * |
DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute abitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.5 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | kies | * |
Uncontrolled search path element vulnerability in Samsung Update prior to version 3.0.77.0 allows attackers to execute arbitrary code as Samsung Update permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | update | * |
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local attackers to access privileged content providers as Galaxy Store permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 6.8 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N | 2.5 | 4.2 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Path traversal vulnerability in Samsung Flow prior to version 4.8.07.4 allows local attackers to read arbitrary files as Samsung Flow permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-22,CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_flow | * |
Path traversal vulnerability in unzip method of InstallAgentCommonHelper in Galaxy store prior to version 4.5.40.5 allows attacker to access the file of Galaxy store.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.5 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Improper access control vulnerability in Samsung Flow prior to version 4.8.06.5 allows attacker to write the file without Samsung Flow permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L | 2.5 | 2.5 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_flow | * |
Improper access control vulnerability in Galaxy Store prior to version 4.5.36.4 allows attacker to install applications from Galaxy Store without user interactions.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-285,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local attacker to execute call function without CALL_PHONE permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L | 2.5 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | members | * |
Improper access control vulnerability in Samsung Security Supporter prior to version 1.2.40.0 allows attacker to set the arbitrary folder as Secret Folder without Samsung Security Supporter permission
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 1.8 | 2.5 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_security_supporter | * |
Uncontrolled search path element vulnerability in Samsung Android USB Driver windows installer program prior to version 1.7.50 allows attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H | 0.6 | 4.7 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-427,CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android_usb_driver_windows_installer | * |
Unprotected activities in Voice Note prior to version 21.3.51.11 allows attackers to record voice without user interaction. The patch adds proper permission for vulnerable activities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-862,CWE-862,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | voice_note | * |
Improper authentication in Link to Windows Service prior to version 2.3.04.1 allows attacker to lock the device. The patch adds proper caller signature check logic.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.5 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-287,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | link_to_windows_service | * |
Improper input validation vulnerability in InstallAgent in Galaxy Store prior to version 4.5.41.8 allows attacker to overwrite files stored in a specific path. The patch adds proper protection to prevent overwrite to existing files.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.5 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
DLL hijacking vulnerability in Gear IconX PC Manager prior to version 2.1.220405.51 allows attacker to execute arbitrary code. The patch adds proper absolute path to prevent dll hijacking.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.5 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-427,CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gear_iconx_pc_manager | * |
Given the TEE is compromised and controlled by the attacker, improper state maintenance in StrongBox allows attackers to change Android ROT during device boot cycle after compromising TEE. The patch is applied in Galaxy S22 to prevent change of Android ROT after first initialization at boot time.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N | 0.8 | 3.6 |
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N | 0.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-754,CWE-754,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_s22_firmware | - |
Improper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to acess account list without authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-285,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_pass | * |
Improper access control vulnerability in My Files prior to version 13.1.00.193 allows attackers to access arbitrary private files in My Files application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 2.5 | 2.5 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-862,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | my_files | * |
Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows attacker to access sensitive information via onActivityResult.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,CWE-668,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,CWE-532,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Sensitive information exposure in Sign-out log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,CWE-668,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the access_token without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L | 1.8 | 3.4 |
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Implicit Intent hijacking vulnerability in Samsung Account prior to version 13.2.00.6 allows attackers to get email ID.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address bar via executing script.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-703,CWE-754,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get an user email or phone number with a normal level permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical attackers to guess stored credit card numbers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.1 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N | 0.5 | 3.6 |
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 0.7 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-922,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Sensitive information exposure vulnerability in SimChangeAlertManger of Find My Mobile prior to 7.2.24.12 allows local attackers with log access permission to get sim card information through device log.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-532,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | find_my_mobile | * |
Sensitive information exposure vulnerability in FmmExtraOperation of Find My Mobile prior to 7.2.24.12 allows local attackers with log access permissio to get sim card information through device log.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,CWE-532,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | find_my_mobile | * |
Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L | 1.8 | 3.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.5 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | kies | * |
Improper access control vulnerability in Quick Share prior to version 13.1.2.4 allows attacker to access internal files in Quick Share.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | quick_share | * |
Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-285,CWE-862,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings | * |
PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to access files without permission via implicit Intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-276,CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings | * |
Unprotected dynamic receiver in Samsung Members prior to version 4.2.005 allows attacker to launch arbitrary activity.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-561,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | members | * |
Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to add arbitrary smart devices by bypassing login activity.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings | * |
Information exposure in Calendar prior to version 12.3.05.10000 allows attacker to access calendar schedule without READ_CALENDAR permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-285,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | calendar | * |
Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical attackers to access the pictures using S Pen air gesture.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_gallery | * |
Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to identify the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-334,CWE-330,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | find_my_mobile | * |
Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for Mobile Phones prior to version 1.7.56.0 allows local attackers to delete arbitrary directory using directory junction.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-354,CWE-354,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android_usb_driver | * |
Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-285,CWE-601,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | camera | * |
Implicit Intent hijacking vulnerability in Samsung Cloud prior to version 5.2.0 allows attacker to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-285,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | cloud | * |
Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | charm | * |
Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | charm | * |
The TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the parameter attrCount.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | mtower | 0.3.0 |
Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_AllocateTransientObject.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | mtower | * |
Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_GetObjectInfo1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | mtower | * |
PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | charm_firmware | * |
PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | charm_firmware | * |
Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows attacker to access some file as Samsung Notes permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22, 3.4.22 and 3.5.51 allows attackers to access external storage as Cameralyzer privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | cameralyzer | * |
Improper Privilege Management vulnerability in Game Optimizing Service prior to versions 3.3.04.0 in Android 10, and 3.5.04.8 in Android 11 and above allows local attacker to execute hidden function for developer by changing package name.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L | 2.5 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gameoptimizingservice | * |
Exposure of Sensitive Information vulnerability in Game Launcher prior to version 6.0.07 allows local attacker to access app data with user interaction.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N | 1.3 | 3.6 |
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N | 0.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | game_launcher | * |
Implicit Intent hijacking vulnerability in Samsung Internet Browser prior to version 17.0.7.34 allows attackers to access arbitrary files.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_internet_browser | * |
Unprotected provider vulnerability in Charm by Samsung prior to version 1.2.3 allows attackers to read connection state without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | charm_firmware | * |
Intent redirection vulnerability using implicit intent in Samsung email prior to version 6.1.70.20 allows attacker to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_email | * |
Implicit Intent hijacking vulnerability in Galaxy Wearable prior to version 2.2.50 allows attacker to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_wearable | * |
SQL injection vulnerability via IAPService in Samsung Checkout prior to version 5.0.53.1 allows attackers to access IAP information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | checkout | * |
DLL hijacking vulnerability in Samsung Update Setup prior to version 2.2.9.50 allows attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 4.5 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L | 1.0 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | update | * |
Improper access control vulnerability in Samsung pass prior to version 4.0.03.1 allow physical attackers to access data of Samsung pass on a certain state of an unlocked device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.9 | LOW | CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.3 | 3.6 |
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_pass | * |
Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 1.9 | LOW | CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N | 0.5 | 1.4 |
| nvd@nist.gov | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| android | 11.0 | |
| samsung | photo_editor | * |
Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows privileged attackers to trigger a XSS on a victim's devices.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
| mobile.security@samsung.com | 5.7 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.1 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smarttagplugin | * |
Improper access control and intent redirection in Samsung Email prior to 6.1.70.20 allows attacker to access specific formatted file and execute privileged behavior.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_email | * |
Improper access control in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to access device information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | group_sharing | * |
Improper access control vulnerability in Broadcaster in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | group_sharing | * |
Improper access control vulnerability in Editor Lite prior to version 4.0.40.14 allows attackers to access sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | editor_lite | * |
Improper access control vulnerability in ContactsDumpActivity of?Contacts Provider prior to version 12.7.59 allows attacker to access the file without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N | 1.8 | 4.2 |
| mobile.security@samsung.com | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L | 1.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | contacts_provider | * |
Pending Intent hijacking vulnerability in MTransferNotificationManager in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:L | 1.8 | 2.7 |
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N | 2.0 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_pay | * |
| samsung | samsung_pay_kr | * |
Pending Intent hijacking vulnerability in NotiCenterUtils in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:L | 1.8 | 2.7 |
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N | 2.0 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_pay | * |
| samsung | samsung_pay_kr | * |
Pending Intent hijacking vulnerability in SpayNotification in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N | 2.0 | 4.0 |
| mobile.security@samsung.com | 5.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:L | 1.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_pay | * |
| samsung | samsung_pay_kr | * |
Improper restriction of broadcasting Intent in GalaxyStoreBridgePageLinker of?Waterplugin prior to version 2.2.11.22081151 leaks MAC address of the connected Bluetooth device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_watch_plugin | * |
Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
| nvd@nist.gov | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_watch_plugin | * |
Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L | 1.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_watch_plugin | * |
Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
| mobile.security@samsung.com | 1.8 | LOW | CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N | 0.3 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_pass | * |
Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions 4.3.00.11 in Global and 14.0.02.4 in China allows local attackers to access device identification via log.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 2.8 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N | 1.3 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_members | * |
Exposure of Sensitive Information in Find My Mobile prior to version 7.2.25.14 allows local attacker to access IMEI via log.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | find_my_mobile | * |
TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive Memory Allocation via a large len value, as demonstrated by a Numaker-PFM-M2351 TEE kernel crash.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | mtower | * |
sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_private_key, leading to a denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | mtower | * |
There is a NULL pointer dereference in aes256_encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVP_CIPHER_CTX_new.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | mtower | * |
sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_public_key_affine_coordinates, leading to a denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | mtower | * |
Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3.22083 allows local attackers to delete arbitrary directory using directory junction.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H | 1.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch_pc | * |
Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074 allows local attackers to delete arbitrary directory using directory junction.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H | 1.8 | 5.2 |
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | kies | * |
DLL hijacking vulnerability in Smart Switch PC prior to version 4.3.22083_3 allows attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.5 | 3.6 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch_pc | * |
Improper access control vulnerability in CameraTestActivity in FactoryCameraFB prior to version 3.5.51 allows attackers to access broadcasting Intent as system uid privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L | 2.5 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | factorycamerafb | * |
Path traversal vulnerability in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to write arbitrary file as FactoryCamera privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L | 2.5 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | factorycamera | * |
Implicit intent hijacking vulnerability in UPHelper library prior to version 3.0.12 allows attackers to access sensitive information via implicit intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | uphelper_library | * |
Improper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to access sensitive information via implicit broadcast.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L | 1.8 | 2.5 |
| nvd@nist.gov | 3.5 | LOW | CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.1 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | quick_share | * |
Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to record video without camera privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | factorycamera | * |
Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R(11) and 3.3.03.66 in Android S(12) allows unauthorized use of javascript interface api.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | dynamic_lockscreen | * |
Intent redirection vulnerability in Samsung Account prior to version 13.5.01.3 allows attackers to access content providers without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.6 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N | 1.8 | 1.4 |
| nvd@nist.gov | 4.7 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitive information via implicit intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings | * |
Improper access control vulnerability in ContentsSharingActivity.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings | * |
Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings | * |
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings | * |
Improper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings | * |
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via REMOVE_PERSISTENT_BANNER broadcast.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings | * |
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings | * |
Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings | * |
Improper restriction of broadcasting Intent in ShareLive prior to version 13.2.03.5 leaks MAC address of the connected Bluetooth device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sharelive | * |
Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical attackers to add bookmarks in secret mode without user authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 0.7 | 3.6 |
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Improper component protection vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder prior to 8.2.01.13 allows attacker to access device IMEI.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | reminder | * |
Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | group_sharing | * |
Improper access control vulnerability in Samsung Checkout prior to version 5.0.55.3 allows attackers to access sensitive information via implicit intent broadcast.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | checkout | * |
Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR Sep-2022 Release allows remote attacker to read out of bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | 3.9 | 5.2 |
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H | 1.6 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_firmware | - |
Improper access control vulnerability in GalaxyWatch4Plugin prior to versions 2.2.11.22101351 and 2.2.12.22101351 allows attackers to access wearable device information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxywatch4plugin | * |
| samsung | galaxywatch4plugin | 2.2.11.22102751 |
Improper Authorization in Samsung Billing prior to version 5.0.56.0 allows attacker to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | billing | * |
Heap overflow vulnerability in parse_pce function in libsavsaudio.so in Editor Lite prior to version 4.0.41.3 allows attacker to get information.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | editor_lite | * |
Improper access control in Samsung Pass prior to version 4.0.05.1 allows attackers to unauthenticated access via keep open feature.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.6 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N | 1.8 | 1.4 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | pass | * |
Sensitive information exposure vulnerability in FmmBaseModel in Galaxy Buds Pro Manage prior to version 4.1.22092751 allows local attackers with log access permission to get device identifier data through device log.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_buds_pro_manage | * |
Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_firmware | - |
Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEI via emergency call.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_firmware | - |
Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager prior to version 2.1.221019.51 allows local attackers to create arbitrary file using symbolic link.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gear_iconx_pc_manager | * |
Improper access control vulnerability in Samsung Pass prior to version 4.0.06.7 allow physical attackers to access data of Samsung Pass on a certain state of an unlocked device using pop-up view.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | pass | * |
Improper check or handling of exceptional conditions vulnerability in Samsung Pass prior to version 4.0.06.1 allows attacker to access Samsung Pass.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | pass | * |
Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q(10), 12.2.11.3000 in Android R(11), 12.3.07.2000 in Android S(12), and 12.4.02.0 in Android T(13) allows attackers to access sensitive information via implicit intent.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | calendar | * |
An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_free after sqlite3_exec, leading to a denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | tizenrt | 1.0 |
| samsung | tizenrt | 3.0 |
| samsung | tizenrt | 3.1 |
| samsung | tizenrt | 1.1 |
| samsung | tizenrt | 2.0 |
An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). l2_packet_receive_timeout in wpa_supplicant/src/l2_packet/l2_packet_pcap.c has a missing check on the return value of pcap_dispatch, leading to a denial of service (malfunction).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | tizenrt | 1.0 |
| samsung | tizenrt | 3.0 |
| samsung | tizenrt | 3.1 |
| samsung | tizenrt | 1.1 |
| samsung | tizenrt | 2.0 |
An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_close after sqlite3_open_v2, leading to a denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | tizenrt | 1.0 |
| samsung | tizenrt | 3.0 |
| samsung | tizenrt | 1.1 |
| samsung | tizenrt | 2.0 |
An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). cyassl_connect_step2 in curl/vtls/cyassl.c has a missing X509_free after SSL_get_peer_certificate, leading to information disclosure.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | tizenrt | 1.0 |
| samsung | tizenrt | 3.0 |
| samsung | tizenrt | 1.1 |
| samsung | tizenrt | 2.0 |
A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excessive size value of messageLen.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | mtower | * |
A Buffer Access with Incorrect Length Value vulnerablity in the TEE_CipherUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_CipherUpdate with an excessive size value of srcLen.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | mtower | * |
A NULL pointer dereference issue in the TEE_MACCompareFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACCompareFinal with a NULL pointer for the parameter operation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | mtower | * |
A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACUpdate with an excessive size value of chunkSize.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | mtower | * |
The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | mtower | * |
A Memory Allocation with Excessive Size Value vulnerablity in the TEE_Realloc function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_Realloc with an excessive number for the parameter len.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | mtower | * |
The Samsung TV (2021 and 2022 model) smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button. This is fixed in xxx72510, E9172511 for 2021 models, xxxA1000, 4x2A0200 for 2022 models.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | t-oscpuabc_firmware | - |
| samsung | t-oscpdeuc_firmware | - |
| samsung | t-ksu2eakuc_firmware | - |
| samsung | t-nkm2deuc_firmware | - |
| samsung | t-ksu2euab_firmware | - |
| samsung | t-ptmakuc_firmware | - |
| samsung | t-nkm2uabc_firmware | - |
| samsung | t-ksu2edeuc_firmware | - |
| samsung | t-nkluabc_firmware | - |
| samsung | t-ptmdeuc_firmware | - |
| samsung | t-nkm2akuc_firmware | - |
| samsung | t-ptmuabc_firmware | - |
| samsung | t-nkldeuc_firmware | - |
| samsung | t-oscpakuc_firmware | - |
| samsung | t-nklakuc_firmware | - |
Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | 1.3 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | 4zb97a_firmware | - |
| hp | 715a2a_firmware | - |
| samsung | ss256d_firmware | - |
| samsung | ss348c_firmware | - |
| samsung | 7fr05a#ab1_firmware | - |
| samsung | ss076s_firmware | - |
| samsung | ss107b_firmware | - |
| samsung | ss352n_firmware | - |
| samsung | ss365e_firmware | - |
| samsung | ss343a_firmware | - |
| samsung | ss049e_firmware | - |
| samsung | ss204m_firmware | - |
| samsung | 3b0c1a#304_firmware | - |
| samsung | 7fq98a#ab1_firmware | - |
| samsung | ss395e_firmware | - |
| samsung | ss390b_firmware | - |
| samsung | ss322b_firmware | - |
| samsung | st688e_firmware | - |
| samsung | ss343h_firmware | - |
| samsung | ss354a_firmware | - |
| samsung | ss327d_firmware | - |
| hp | 4zb86a_firmware | - |
| samsung | ss205d_firmware | - |
| samsung | st679a_firmware | - |
| samsung | ss387a_firmware | - |
| samsung | ss326e_firmware | - |
| samsung | ss211j_firmware | - |
| samsung | ss230n_firmware | - |
| samsung | ss108e_firmware | - |
| samsung | 3b0c5a#ab1_firmware | - |
| samsung | ss229c_firmware | - |
| samsung | st679c_firmware | - |
| hp | 714z7a_firmware | - |
| samsung | ss043f_firmware | - |
| samsung | ss150t_firmware | - |
| samsung | 7gf50a#ab1_firmware | - |
| samsung | ss326a_firmware | - |
| samsung | ss027f_firmware | - |
| samsung | ss368g_firmware | - |
| samsung | ss377d_firmware | - |
| samsung | ss105d_firmware | - |
| samsung | ss398b_firmware | - |
| samsung | ss216h_firmware | - |
| samsung | ss349b_firmware | - |
| samsung | ss195b_firmware | - |
| samsung | ss153h_firmware | - |
| samsung | ss106j_firmware | - |
| samsung | ss365g_firmware | - |
| samsung | ss213a_firmware | - |
| samsung | ss204a_firmware | - |
| samsung | ss216g_firmware | - |
| samsung | ss205f_firmware | - |
| samsung | ss150s_firmware | - |
| samsung | ss390h_firmware | - |
| samsung | ss043l_firmware | - |
| samsung | ss392a_firmware | - |
| samsung | ss271g_firmware | - |
| samsung | ss383c_firmware | - |
| samsung | ss369a_firmware | - |
| samsung | ss195a_firmware | - |
| samsung | ss383y_firmware | - |
| samsung | ss043c_firmware | - |
| samsung | ss395j_firmware | - |
| samsung | ss343c_firmware | - |
| samsung | ss343j_firmware | - |
| samsung | ss230k_firmware | - |
| samsung | ss257f_firmware | - |
| samsung | ss257q_firmware | - |
| samsung | ss397g_firmware | - |
| samsung | ss367e_firmware | - |
| samsung | 7fq94a#ab1_firmware | - |
| samsung | ss204k_firmware | - |
| samsung | ss041f_firmware | - |
| samsung | ss042c_firmware | - |
| samsung | ss283a_firmware | - |
| samsung | st684a_firmware | - |
| samsung | ss230b_firmware | - |
| samsung | ss103a_firmware | - |
| samsung | ss271n_firmware | - |
| samsung | ss365l_firmware | - |
| samsung | st673a_firmware | - |
| samsung | ss367b_firmware | - |
| samsung | ss342e_firmware | - |
| samsung | ss390c_firmware | - |
| samsung | ss229j_firmware | - |
| samsung | ss211f_firmware | - |
| samsung | ss058f_firmware | - |
| hp | 7zb20a_firmware | - |
| samsung | ss076t_firmware | - |
| samsung | ss229g_firmware | - |
| samsung | ss076j_firmware | - |
| samsung | sw116b_firmware | - |
| samsung | st679d_firmware | - |
| samsung | ss334c_firmware | - |
| samsung | ss339b_firmware | - |
| samsung | ss257j_firmware | - |
| samsung | ss340b_firmware | - |
| samsung | ss352j_firmware | - |
| samsung | ss383t_firmware | - |
| samsung | ss153j_firmware | - |
| samsung | ss217a_firmware | - |
| samsung | ss107l_firmware | - |
| samsung | ss058b_firmware | - |
| samsung | ss257a_firmware | - |
| samsung | ss336b_firmware | - |
| samsung | 8pa14a#302_firmware | - |
| samsung | 3b0d1a#ab1_firmware | - |
| samsung | ss389q_firmware | - |
| samsung | ss272a_firmware | - |
| samsung | ss353a_firmware | - |
| samsung | ss383p_firmware | - |
| samsung | 7gf48a#ab1_firmware | - |
| samsung | ss342f_firmware | - |
| samsung | ss352k_firmware | - |
| samsung | ss076n_firmware | - |
| samsung | ss104a_firmware | - |
| samsung | ss343b_firmware | - |
| samsung | ss041d_firmware | - |
| samsung | ss390d_firmware | - |
| hp | 6hu09a_firmware | - |
| samsung | ss150q_firmware | - |
| samsung | st695c_firmware | - |
| samsung | ss356a_firmware | - |
| samsung | ss219f_firmware | - |
| hp | 4zb90a_firmware | - |
| samsung | ss396c_firmware | - |
| samsung | ss368d_firmware | - |
| samsung | ss384c_firmware | - |
| samsung | ss049j_firmware | - |
| samsung | ss257l_firmware | - |
| samsung | ss027l_firmware | - |
| samsung | ss049k_firmware | - |
| samsung | ss256g_firmware | - |
| samsung | ss205m_firmware | - |
| samsung | ss272e_firmware | - |
| samsung | ss353c_firmware | - |
| samsung | ss272l_firmware | - |
| samsung | ss107d_firmware | - |
| samsung | ss338a_firmware | - |
| samsung | ss216c_firmware | - |
| samsung | 7fq95a#ab1_firmware | - |
| samsung | ss218g_firmware | - |
| samsung | ss049c_firmware | - |
| samsung | ss382a_firmware | - |
| samsung | ss339f_firmware | - |
| samsung | ss041g_firmware | - |
| samsung | ss058j_firmware | - |
| samsung | ss334f_firmware | - |
| hp | 209u7a_firmware | - |
| samsung | st695d_firmware | - |
| samsung | ss058h_firmware | - |
| samsung | ss359z_firmware | - |
| samsung | ss033a_firmware | - |
| samsung | ss365f_firmware | - |
| samsung | ss218h_firmware | - |
| samsung | 7fq86a#ab1_firmware | - |
| samsung | ss058a_firmware | - |
| samsung | ss033g_firmware | - |
| samsung | ss043k_firmware | - |
| samsung | ss234a_firmware | - |
| samsung | ss219c_firmware | - |
| samsung | ss395k_firmware | - |
| samsung | ss387b_firmware | - |
| samsung | 3b0c9a#304_firmware | - |
| samsung | ss076h_firmware | - |
| samsung | ss395c_firmware | - |
| samsung | ss339e_firmware | - |
| samsung | ss383e_firmware | - |
| samsung | ss213f_firmware | - |
| samsung | ss107h_firmware | - |
| samsung | ss216u_firmware | - |
| samsung | ss383s_firmware | - |
| samsung | ss033h_firmware | - |
| samsung | ss256e_firmware | - |
| samsung | ss331a_firmware | - |
| samsung | ss351a_firmware | - |
| samsung | st679e_firmware | - |
| samsung | ss076w_firmware | - |
| samsung | ss213b_firmware | - |
| samsung | ss271d_firmware | - |
| samsung | ss368j_firmware | - |
| samsung | ss204e_firmware | - |
| hp | 4zb79a_firmware | - |
| samsung | ss150h_firmware | - |
| samsung | ss390g_firmware | - |
| samsung | ss211g_firmware | - |
| samsung | ss391e_firmware | - |
| samsung | ss230e_firmware | - |
| samsung | ss395s_firmware | - |
| samsung | ss027c_firmware | - |
| samsung | ss106f_firmware | - |
| samsung | ss383m_firmware | - |
| samsung | ss352b_firmware | - |
| samsung | ss198a_firmware | - |
| samsung | ss396b_firmware | - |
| samsung | ss396g_firmware | - |
| samsung | ss395n_firmware | - |
| samsung | ss342g_firmware | - |
| hp | 4zb96a_firmware | - |
| samsung | ss076v_firmware | - |
| samsung | ss041b_firmware | - |
| samsung | ss153d_firmware | - |
| samsung | ss043g_firmware | - |
| samsung | ss257z_firmware | - |
| samsung | ss377a_firmware | - |
| samsung | ss210e_firmware | - |
| samsung | st679f_firmware | - |
| samsung | ss229d_firmware | - |
| samsung | 3b0c3a#ab1_firmware | - |
| samsung | ss389e_firmware | - |
| samsung | ss150j_firmware | - |
| samsung | ss282b_firmware | - |
| samsung | ss275c_firmware | - |
| samsung | ss359p_firmware | - |
| samsung | ss380c_firmware | - |
| samsung | ss359l_firmware | - |
| samsung | ss377h_firmware | - |
| samsung | ss349a_firmware | - |
| samsung | ss359m_firmware | - |
| samsung | ss343g_firmware | - |
| samsung | ss365j_firmware | - |
| samsung | 3b0c0a#301_firmware | - |
| samsung | ss204g_firmware | - |
| samsung | ss216j_firmware | - |
| samsung | ss258a_firmware | - |
| samsung | ss033l_firmware | - |
| samsung | ss383a_firmware | - |
| hp | 7zb19a_firmware | - |
| samsung | ss377p_firmware | - |
| samsung | ss106n_firmware | - |
| samsung | ss102a_firmware | - |
| hp | 7uq76a_firmware | - |
| samsung | ss216a_firmware | - |
| samsung | sw176a_firmware | - |
| samsung | ss395p_firmware | - |
| samsung | ss404f_firmware | - |
| samsung | ss404j_firmware | - |
| samsung | ss255b_firmware | - |
| samsung | ss393c_firmware | - |
| samsung | ss033f_firmware | - |
| samsung | ss271b_firmware | - |
| samsung | ss205u_firmware | - |
| samsung | ss359d_firmware | - |
| samsung | ss218k_firmware | - |
| samsung | ss263b_firmware | - |
| samsung | ss397p_firmware | - |
| samsung | ss150a_firmware | - |
| samsung | ss397m_firmware | - |
| hp | 5ue14a_firmware | - |
| samsung | ss287a_firmware | - |
| samsung | ss342b_firmware | - |
| samsung | ss352g_firmware | - |
| samsung | st693c_firmware | - |
| hp | 8af50a_firmware | - |
| samsung | ss378d_firmware | - |
| samsung | st689a_firmware | - |
| samsung | ss230d_firmware | - |
| samsung | ss272z_firmware | - |
| samsung | ss404g_firmware | - |
| samsung | ss271p_firmware | - |
| samsung | st690b_firmware | - |
| samsung | ss076k_firmware | - |
| samsung | ss383l_firmware | - |
| samsung | ss106d_firmware | - |
| samsung | ss334b_firmware | - |
| samsung | ss359e_firmware | - |
| samsung | st685a_firmware | - |
| samsung | ss397f_firmware | - |
| samsung | ss108l_firmware | - |
| samsung | ss042b_firmware | - |
| samsung | ss404b_firmware | - |
| samsung | ss218b_firmware | - |
| samsung | ss044b_firmware | - |
| samsung | sv899c_firmware | - |
| samsung | 3a9x7a#ab1_firmware | - |
| samsung | ss105j_firmware | - |
| samsung | ss204l_firmware | - |
| samsung | ss205s_firmware | - |
| samsung | ss254b_firmware | - |
| samsung | 3a9x2a#301_firmware | - |
| samsung | ss150m_firmware | - |
| samsung | sw192a_firmware | - |
| samsung | ss205z_firmware | - |
| samsung | ss383n_firmware | - |
| hp | 7zb21a_firmware | - |
| samsung | ss229e_firmware | - |
| samsung | ss076q_firmware | - |
| samsung | ss389s_firmware | - |
| samsung | ss334e_firmware | - |
| samsung | ss378g_firmware | - |
| samsung | ss108h_firmware | - |
| samsung | ss218c_firmware | - |
| samsung | ss389p_firmware | - |
| samsung | ss276c_firmware | - |
| samsung | ss213d_firmware | - |
| samsung | 8pa12a#302_firmware | - |
| samsung | st684b_firmware | - |
| samsung | ss106z_firmware | - |
| samsung | ss396h_firmware | - |
| samsung | ss209a_firmware | - |
| hp | 4zb85a_firmware | - |
| samsung | ss151a_firmware | - |
| samsung | ss281b_firmware | - |
| samsung | ss339g_firmware | - |
| samsung | ss196c_firmware | - |
| samsung | ss395a_firmware | - |
| samsung | ss058c_firmware | - |
| hp | 6hu11a_firmware | - |
| samsung | ss105e_firmware | - |
| samsung | ss394a_firmware | - |
| samsung | ss404m_firmware | - |
| samsung | ss254d_firmware | - |
| samsung | ss105a_firmware | - |
| samsung | st686f_firmware | - |
| samsung | ss044f_firmware | - |
| samsung | ss365m_firmware | - |
| samsung | ss268b_firmware | - |
| samsung | ss365k_firmware | - |
| samsung | ss336a_firmware | - |
| samsung | ss076a_firmware | - |
| samsung | ss391b_firmware | - |
| samsung | ss389b_firmware | - |
| samsung | ss106l_firmware | - |
| samsung | ss260a_firmware | - |
| samsung | ss150p_firmware | - |
| samsung | ss059j_firmware | - |
| samsung | ss150c_firmware | - |
| samsung | st693d_firmware | - |
| samsung | ss107e_firmware | - |
| samsung | ss397d_firmware | - |
| samsung | ss404p_firmware | - |
| samsung | ss205a_firmware | - |
| samsung | ss219b_firmware | - |
| samsung | ss383k_firmware | - |
| samsung | ss256z_firmware | - |
| samsung | ss044h_firmware | - |
| samsung | ss216k_firmware | - |
| samsung | ss359f_firmware | - |
| samsung | ss211a_firmware | - |
| samsung | ss076m_firmware | - |
| samsung | ss106k_firmware | - |
| samsung | ss255a_firmware | - |
| samsung | ss395m_firmware | - |
| samsung | ss264a_firmware | - |
| samsung | ss205k_firmware | - |
| samsung | ss257d_firmware | - |
| samsung | ss216b_firmware | - |
| hp | w7u01a_firmware | - |
| samsung | ss276a_firmware | - |
| samsung | ss106p_firmware | - |
| samsung | ss076c_firmware | - |
| samsung | st683c_firmware | - |
| samsung | 7fr03a#ab1_firmware | - |
| samsung | ss210n_firmware | - |
| samsung | ss216m_firmware | - |
| samsung | 3a9x8a#ab1_firmware | - |
| samsung | 3b0c6a#312_firmware | - |
| samsung | ss211l_firmware | - |
| hp | 4zb87a_firmware | - |
| samsung | ss378c_firmware | - |
| samsung | 7fq99a#ab1_firmware | - |
| samsung | ss033n_firmware | - |
| samsung | ss075j_firmware | - |
| hp | 8af51a_firmware | - |
| samsung | ss282a_firmware | - |
| samsung | ss107n_firmware | - |
| samsung | ss383g_firmware | - |
| samsung | ss230g_firmware | - |
| samsung | ss384b_firmware | - |
| samsung | ss108k_firmware | - |
| samsung | ss404n_firmware | - |
| samsung | ss196e_firmware | - |
| samsung | ss049n_firmware | - |
| samsung | ss340d_firmware | - |
| samsung | ss330b_firmware | - |
| samsung | st683e_firmware | - |
| samsung | ss262a_firmware | - |
| samsung | 7fq90a#ab1_firmware | - |
| hp | 2ky38a_firmware | - |
| samsung | ss378f_firmware | - |
| samsung | st688j_firmware | - |
| samsung | ss404k_firmware | - |
| samsung | ss328a_firmware | - |
| samsung | ss396d_firmware | - |
| samsung | ss106s_firmware | - |
| samsung | ss043b_firmware | - |
| samsung | st694c_firmware | - |
| samsung | ss383b_firmware | - |
| samsung | ss216z_firmware | - |
| samsung | ss150e_firmware | - |
| samsung | ss397j_firmware | - |
| samsung | ss275a_firmware | - |
| samsung | ss044k_firmware | - |
| samsung | ss275b_firmware | - |
| samsung | ss027k_firmware | - |
| samsung | st686d_firmware | - |
| samsung | ss076e_firmware | - |
| samsung | ss397l_firmware | - |
| samsung | ss272p_firmware | - |
| samsung | ss150f_firmware | - |
| samsung | ss277b_firmware | - |
| samsung | sv531a_firmware | - |
| samsung | ss205j_firmware | - |
| samsung | ss389f_firmware | - |
| samsung | ss381a_firmware | - |
| samsung | st688a_firmware | - |
| samsung | 3a9x1a#ab1_firmware | - |
| samsung | st694d_firmware | - |
| samsung | ss359n_firmware | - |
| samsung | ss389k_firmware | - |
| samsung | ss369b_firmware | - |
| samsung | ss256k_firmware | - |
| samsung | ss108d_firmware | - |
| samsung | ss340a_firmware | - |
| samsung | ss218a_firmware | - |
| samsung | ss204h_firmware | - |
| samsung | ss256a_firmware | - |
| hp | 8af49a_firmware | - |
| samsung | ss229h_firmware | - |
| samsung | ss391c_firmware | - |
| samsung | ss277a_firmware | - |
| samsung | ss369e_firmware | - |
| samsung | 7gf53a#ab1_firmware | - |
| samsung | ss322c_firmware | - |
| hp | 7zb72a_firmware | - |
| samsung | ss205h_firmware | - |
| samsung | ss254f_firmware | - |
| samsung | ss043d_firmware | - |
| samsung | ss204d_firmware | - |
| samsung | ss335e_firmware | - |
| samsung | ss150l_firmware | - |
| samsung | ss076l_firmware | - |
| samsung | ss322a_firmware | - |
| samsung | st686e_firmware | - |
| hp | 4zb84a_firmware | - |
| samsung | ss359c_firmware | - |
| samsung | ss210c_firmware | - |
| samsung | ss218e_firmware | - |
| samsung | 3b0c8a#ab1_firmware | - |
| samsung | ss044l_firmware | - |
| samsung | sw176b_firmware | - |
| samsung | ss230s_firmware | - |
| samsung | st679b_firmware | - |
| samsung | ss076f_firmware | - |
| samsung | ss076g_firmware | - |
| samsung | ss105h_firmware | - |
| samsung | ss388a_firmware | - |
| samsung | ss272q_firmware | - |
| samsung | ss389g_firmware | - |
| samsung | ss395g_firmware | - |
| samsung | ss049b_firmware | - |
| samsung | 7fq93a#ab1_firmware | - |
| samsung | st688f_firmware | - |
| samsung | 3b0d3a#301_firmware | - |
| samsung | ss268a_firmware | - |
| samsung | ss152c_firmware | - |
| samsung | ss211m_firmware | - |
| samsung | ss076b_firmware | - |
| samsung | ss353b_firmware | - |
| samsung | ss352e_firmware | - |
| samsung | ss272k_firmware | - |
| samsung | ss107k_firmware | - |
| samsung | ss059c_firmware | - |
| samsung | ss059g_firmware | - |
| samsung | ss210j_firmware | - |
| samsung | ss149a_firmware | - |
| hp | 6hu10a_firmware | - |
| samsung | ss219d_firmware | - |
| samsung | ss377f_firmware | - |
| samsung | ss154b_firmware | - |
| samsung | ss342d_firmware | - |
| hp | 715a6a_firmware | - |
| samsung | ss272n_firmware | - |
| samsung | ss027d_firmware | - |
| samsung | ss359j_firmware | - |
| samsung | ss324a_firmware | - |
| samsung | ss396f_firmware | - |
| samsung | ss386b_firmware | - |
| samsung | ss271k_firmware | - |
| samsung | st690a_firmware | - |
| samsung | ss385a_firmware | - |
| hp | 6hu08a_firmware | - |
| samsung | st686c_firmware | - |
| samsung | ss256n_firmware | - |
| samsung | ss257e_firmware | - |
| samsung | ss210f_firmware | - |
| samsung | 3b0c4a#301_firmware | - |
| samsung | ss230f_firmware | - |
| samsung | ss281c_firmware | - |
| samsung | st682b_firmware | - |
| samsung | ss333a_firmware | - |
| samsung | ss107m_firmware | - |
| samsung | 7gf47a#ab1_firmware | - |
| samsung | ss076d_firmware | - |
| samsung | ss389z_firmware | - |
| samsung | ss395f_firmware | - |
| samsung | ss343d_firmware | - |
| samsung | ss042j_firmware | - |
| samsung | ss377b_firmware | - |
| samsung | ss337a_firmware | - |
| samsung | 7gf55a#ab1_firmware | - |
| samsung | ss326d_firmware | - |
| samsung | ss033e_firmware | - |
| samsung | ss044g_firmware | - |
| samsung | st683d_firmware | - |
| samsung | ss042d_firmware | - |
| samsung | ss211b_firmware | - |
| samsung | ss343f_firmware | - |
| samsung | ss335c_firmware | - |
| samsung | ss204p_firmware | - |
| samsung | ss326c_firmware | - |
| samsung | ss107q_firmware | - |
| samsung | ss377k_firmware | - |
| samsung | ss377n_firmware | - |
| samsung | ss359h_firmware | - |
| samsung | ss404c_firmware | - |
| samsung | ss205q_firmware | - |
| samsung | ss196h_firmware | - |
| samsung | ss108j_firmware | - |
| samsung | st687a_firmware | - |
| samsung | ss389m_firmware | - |
| samsung | ss233a_firmware | - |
| samsung | ss058g_firmware | - |
| samsung | ss150k_firmware | - |
| samsung | ss230j_firmware | - |
| samsung | ss107f_firmware | - |
| hp | 4zb83a_firmware | - |
| samsung | ss211d_firmware | - |
| samsung | ss278a_firmware | - |
| samsung | ss386a_firmware | - |
| samsung | ss349f_firmware | - |
| samsung | ss205p_firmware | - |
| samsung | ss397c_firmware | - |
| samsung | ss210d_firmware | - |
| samsung | ss389j_firmware | - |
| samsung | ss388d_firmware | - |
| samsung | ss256b_firmware | - |
| samsung | ss359b_firmware | - |
| samsung | ss257k_firmware | - |
| samsung | ss219e_firmware | - |
| samsung | ss059a_firmware | - |
| samsung | ss272s_firmware | - |
| samsung | ss384a_firmware | - |
| samsung | ss075f_firmware | - |
| samsung | ss106c_firmware | - |
| samsung | ss389l_firmware | - |
| samsung | ss107g_firmware | - |
| samsung | ss339d_firmware | - |
| samsung | ss058e_firmware | - |
| samsung | st688b_firmware | - |
| samsung | st693a_firmware | - |
| samsung | ss150g_firmware | - |
| samsung | ss352d_firmware | - |
| samsung | ss344b_firmware | - |
| samsung | ss377l_firmware | - |
| samsung | ss058d_firmware | - |
| samsung | 7fq89a#ab1_firmware | - |
| samsung | ss379b_firmware | - |
| samsung | ss334a_firmware | - |
| samsung | sw176c_firmware | - |
| samsung | ss331b_firmware | - |
| samsung | sv901b_firmware | - |
| hp | 4zb81a_firmware | - |
| samsung | ss273b_firmware | - |
| samsung | ss391d_firmware | - |
| samsung | ss256h_firmware | - |
| samsung | st690c_firmware | - |
| hp | 715a4a_firmware | - |
| samsung | ss272m_firmware | - |
| samsung | ss108a_firmware | - |
| hp | 4zb93a_firmware | - |
| samsung | ss378b_firmware | - |
| samsung | ss256f_firmware | - |
| samsung | ss389n_firmware | - |
| samsung | ss398g_firmware | - |
| hp | 714z6a_firmware | - |
| samsung | ss353g_firmware | - |
| samsung | ss398a_firmware | - |
| samsung | ss230p_firmware | - |
| samsung | st673b_firmware | - |
| samsung | ss344a_firmware | - |
| hp | 4zb92a_firmware | - |
| samsung | ss153c_firmware | - |
| samsung | ss049f_firmware | - |
| samsung | ss389h_firmware | - |
| samsung | ss365a_firmware | - |
| samsung | ss204c_firmware | - |
| samsung | ss378e_firmware | - |
| samsung | ss398c_firmware | - |
| samsung | ss350a_firmware | - |
| samsung | ss042f_firmware | - |
| samsung | ss199a_firmware | - |
| samsung | ss342c_firmware | - |
| samsung | ss389c_firmware | - |
| samsung | ss204b_firmware | - |
| samsung | ss353f_firmware | - |
| samsung | ss075b_firmware | - |
| samsung | ss205t_firmware | - |
| samsung | ss272f_firmware | - |
| samsung | ss256j_firmware | - |
| samsung | ss027a_firmware | - |
| samsung | 7fr00a#ab1_firmware | - |
| samsung | ss388f_firmware | - |
| samsung | ss340c_firmware | - |
| samsung | ss335d_firmware | - |
| samsung | ss271q_firmware | - |
| samsung | ss404q_firmware | - |
| samsung | ss152a_firmware | - |
| samsung | ss033k_firmware | - |
| samsung | ss236a_firmware | - |
| samsung | ss107a_firmware | - |
| samsung | ss325a_firmware | - |
| samsung | ss388h_firmware | - |
| samsung | ss335a_firmware | - |
| samsung | 8pa10a#301_firmware | - |
| samsung | ss059e_firmware | - |
| samsung | ss404l_firmware | - |
| samsung | ss332a_firmware | - |
| hp | 4zb89a_firmware | - |
| samsung | ss335b_firmware | - |
| samsung | ss256m_firmware | - |
| samsung | ss395q_firmware | - |
| samsung | ss279a_firmware | - |
| samsung | ss033d_firmware | - |
| samsung | ss404h_firmware | - |
| samsung | ss211p_firmware | - |
| samsung | ss396e_firmware | - |
| samsung | st688c_firmware | - |
| samsung | ss271e_firmware | - |
| samsung | ss257p_firmware | - |
| samsung | ss384d_firmware | - |
| samsung | ss390a_firmware | - |
| samsung | 7fq91a#ab1_firmware | - |
| samsung | ss323a_firmware | - |
| samsung | ss059d_firmware | - |
| samsung | ss210b_firmware | - |
| samsung | ss106e_firmware | - |
| samsung | ss272t_firmware | - |
| samsung | ss343k_firmware | - |
| samsung | ss383x_firmware | - |
| samsung | ss027g_firmware | - |
| hp | 715a3a_firmware | - |
| samsung | ss254a_firmware | - |
| samsung | ss392c_firmware | - |
| samsung | ss076z_firmware | - |
| samsung | ss377e_firmware | - |
| samsung | ss044a_firmware | - |
| samsung | ss388e_firmware | - |
| samsung | ss230z_firmware | - |
| samsung | ss154a_firmware | - |
| samsung | ss196a_firmware | - |
| samsung | ss075k_firmware | - |
| samsung | ss041a_firmware | - |
| samsung | ss287b_firmware | - |
| samsung | st686g_firmware | - |
| samsung | 3b0c7a#301_firmware | - |
| samsung | ss256c_firmware | - |
| samsung | st686h_firmware | - |
| samsung | ss383j_firmware | - |
| samsung | ss075g_firmware | - |
| samsung | ss105b_firmware | - |
| samsung | ss033j_firmware | - |
| samsung | ss397q_firmware | - |
| samsung | ss349c_firmware | - |
| samsung | ss042h_firmware | - |
| samsung | ss153f_firmware | - |
| samsung | ss059f_firmware | - |
| samsung | ss343e_firmware | - |
| samsung | ss365c_firmware | - |
| samsung | ss232a_firmware | - |
| samsung | ss389t_firmware | - |
| samsung | ss107c_firmware | - |
| samsung | ss219a_firmware | - |
| samsung | ss398e_firmware | - |
| samsung | ss395l_firmware | - |
| samsung | ss327a_firmware | - |
| samsung | ss380a_firmware | - |
| samsung | ss044e_firmware | - |
| samsung | ss369d_firmware | - |
| samsung | ss043h_firmware | - |
| samsung | ss075c_firmware | - |
| samsung | ss281a_firmware | - |
| samsung | ss042a_firmware | - |
| samsung | ss216e_firmware | - |
| samsung | ss339c_firmware | - |
| samsung | ss383z_firmware | - |
| samsung | ss383w_firmware | - |
| samsung | ss378a_firmware | - |
| samsung | ss257g_firmware | - |
| samsung | ss383u_firmware | - |
| samsung | 7gf51a#ab1_firmware | - |
| samsung | ss075a_firmware | - |
| samsung | 7gf54a#ab1_firmware | - |
| hp | 5ue15a_firmware | - |
| hp | 9vv52a_firmware | - |
| samsung | ss076u_firmware | - |
| hp | 715a0a_firmware | - |
| samsung | ss353d_firmware | - |
| hp | 714z9a_firmware | - |
| hp | 4zb82a_firmware | - |
| samsung | st679g_firmware | - |
| samsung | ss365d_firmware | - |
| samsung | ss229b_firmware | - |
| samsung | ss150d_firmware | - |
| samsung | 7gf49a#ab1_firmware | - |
| samsung | ss383d_firmware | - |
| samsung | ss106t_firmware | - |
| samsung | ss342a_firmware | - |
| samsung | ss033c_firmware | - |
| samsung | ss370a_firmware | - |
| samsung | ss272j_firmware | - |
| samsung | ss404e_firmware | - |
| samsung | ss256l_firmware | - |
| samsung | ss368f_firmware | - |
| samsung | ss259a_firmware | - |
| samsung | ss265a_firmware | - |
| samsung | ss352h_firmware | - |
| samsung | ss395d_firmware | - |
| samsung | ss205n_firmware | - |
| samsung | ss027e_firmware | - |
| hp | 715a5a_firmware | - |
| samsung | ss267a_firmware | - |
| samsung | ss044j_firmware | - |
| samsung | sw112b_firmware | - |
| samsung | ss335f_firmware | - |
| samsung | ss254e_firmware | - |
| samsung | ss229f_firmware | - |
| samsung | ss378h_firmware | - |
| samsung | ss216t_firmware | - |
| samsung | ss106g_firmware | - |
| samsung | st695b_firmware | - |
| samsung | ss359a_firmware | - |
| samsung | 7fr01a#ab1_firmware | - |
| samsung | ss352a_firmware | - |
| samsung | ss229a_firmware | - |
| samsung | ss108g_firmware | - |
| samsung | ss257n_firmware | - |
| samsung | ss105f_firmware | - |
| samsung | ss211n_firmware | - |
| samsung | ss256q_firmware | - |
| samsung | ss210m_firmware | - |
| samsung | ss044d_firmware | - |
| samsung | ss383q_firmware | - |
| samsung | ss216n_firmware | - |
| samsung | ss256t_firmware | - |
| samsung | ss391a_firmware | - |
| samsung | ss284b_firmware | - |
| samsung | ss367d_firmware | - |
| hp | w7u02a_firmware | - |
| samsung | ss380b_firmware | - |
| samsung | ss397h_firmware | - |
| samsung | ss335g_firmware | - |
| samsung | ss196b_firmware | - |
| samsung | ss049l_firmware | - |
| samsung | ss211k_firmware | - |
| samsung | ss105g_firmware | - |
| samsung | 3a9x4a#ab1_firmware | - |
| samsung | ss027j_firmware | - |
| samsung | 7fr02a#ab1_firmware | - |
| samsung | ss049m_firmware | - |
| samsung | ss330a_firmware | - |
| samsung | ss393a_firmware | - |
| samsung | ss272c_firmware | - |
| samsung | ss033b_firmware | - |
| samsung | ss357a_firmware | - |
| samsung | ss230q_firmware | - |
| samsung | ss368h_firmware | - |
| samsung | ss153b_firmware | - |
| samsung | ss044c_firmware | - |
| samsung | ss352q_firmware | - |
| samsung | ss367c_firmware | - |
| samsung | ss041h_firmware | - |
| samsung | ss237a_firmware | - |
| samsung | ss388l_firmware | - |
| samsung | ss368c_firmware | - |
| samsung | ss377c_firmware | - |
| samsung | ss389u_firmware | - |
| samsung | ss352c_firmware | - |
| samsung | ss230c_firmware | - |
| samsung | ss388g_firmware | - |
| samsung | ss076p_firmware | - |
| samsung | ss349e_firmware | - |
| samsung | ss254c_firmware | - |
| samsung | ss257h_firmware | - |
| samsung | 8pa11a#301_firmware | - |
| samsung | ss384e_firmware | - |
| samsung | ss404a_firmware | - |
| hp | 4zb80a_firmware | - |
| samsung | ss042g_firmware | - |
| samsung | ss041c_firmware | - |
| samsung | ss210l_firmware | - |
| hp | 715a1a_firmware | - |
| samsung | ss377g_firmware | - |
| samsung | ss108f_firmware | - |
| samsung | ss257c_firmware | - |
| samsung | ss367a_firmware | - |
| samsung | ss107j_firmware | - |
| samsung | st683a_firmware | - |
| samsung | ss049d_firmware | - |
| samsung | ss359g_firmware | - |
| samsung | ss383h_firmware | - |
| samsung | ss230h_firmware | - |
| samsung | ss386d_firmware | - |
| samsung | ss216s_firmware | - |
| samsung | ss106h_firmware | - |
| samsung | ss397n_firmware | - |
| samsung | ss393b_firmware | - |
| samsung | ss386e_firmware | - |
| samsung | ss216f_firmware | - |
| samsung | ss397b_firmware | - |
| samsung | ss205g_firmware | - |
| samsung | ss274b_firmware | - |
| samsung | ss230a_firmware | - |
| samsung | ss377j_firmware | - |
| samsung | ss388k_firmware | - |
| samsung | ss106q_firmware | - |
| samsung | ss329a_firmware | - |
| samsung | ss398d_firmware | - |
| samsung | ss216p_firmware | - |
| samsung | ss353h_firmware | - |
| samsung | ss027h_firmware | - |
| samsung | ss108b_firmware | - |
| samsung | ss327c_firmware | - |
| samsung | st682c_firmware | - |
| samsung | ss041j_firmware | - |
| samsung | st695a_firmware | - |
| samsung | ss391f_firmware | - |
| samsung | ss256p_firmware | - |
| samsung | st682a_firmware | - |
| samsung | ss153g_firmware | - |
| samsung | ss334d_firmware | - |
| hp | 8af52a_firmware | - |
| samsung | ss150b_firmware | - |
| samsung | ss049h_firmware | - |
| samsung | ss285a_firmware | - |
| samsung | ss326b_firmware | - |
| samsung | ss352p_firmware | - |
| samsung | ss398f_firmware | - |
| samsung | ss368a_firmware | - |
| samsung | ss215a_firmware | - |
| samsung | ss272h_firmware | - |
| hp | 1vr14a_firmware | - |
| samsung | ss043j_firmware | - |
| samsung | ss286a_firmware | - |
| samsung | ss330c_firmware | - |
| hp | 2zn50a_firmware | - |
| samsung | ss271a_firmware | - |
| samsung | ss059b_firmware | - |
| samsung | ss383f_firmware | - |
| samsung | ss348a_firmware | - |
| samsung | ss365b_firmware | - |
| samsung | ss205b_firmware | - |
| samsung | ss368e_firmware | - |
| samsung | ss352m_firmware | - |
| samsung | 3a9x3a#ab1_firmware | - |
| samsung | ss041e_firmware | - |
| samsung | ss378k_firmware | - |
| samsung | ss042e_firmware | - |
| samsung | ss153l_firmware | - |
| samsung | ss210a_firmware | - |
| samsung | 7fq88a#ab1_firmware | - |
| samsung | ss213h_firmware | - |
| samsung | st686a_firmware | - |
| samsung | st683b_firmware | - |
| samsung | ss230m_firmware | - |
| samsung | ss271t_firmware | - |
| samsung | ss379a_firmware | - |
| samsung | ss230l_firmware | - |
| samsung | ss271s_firmware | - |
| samsung | ss348b_firmware | - |
| samsung | ss359k_firmware | - |
| samsung | ss327b_firmware | - |
| samsung | ss216q_firmware | - |
| samsung | ss271h_firmware | - |
| samsung | ss106a_firmware | - |
| samsung | ss367f_firmware | - |
| samsung | ss237b_firmware | - |
| samsung | ss108c_firmware | - |
| samsung | ss390f_firmware | - |
| samsung | ss106b_firmware | - |
| samsung | st688g_firmware | - |
| samsung | ss274a_firmware | - |
| samsung | ss276b_firmware | - |
| samsung | 7fq97a#ab1_firmware | - |
| samsung | ss204f_firmware | - |
| samsung | ss271m_firmware | - |
| samsung | ss272u_firmware | - |
| samsung | ss205c_firmware | - |
| samsung | ss076x_firmware | - |
| samsung | ss216l_firmware | - |
| samsung | ss349d_firmware | - |
| samsung | ss210g_firmware | - |
| samsung | ss261a_firmware | - |
| samsung | ss395h_firmware | - |
| samsung | ss272g_firmware | - |
| hp | 4zb91a_firmware | - |
| samsung | ss378c#304_firmware | - |
| samsung | ss378j_firmware | - |
| samsung | ss352f_firmware | - |
| samsung | st693b_firmware | - |
| samsung | st694a_firmware | - |
| samsung | ss282c_firmware | - |
| samsung | ss328b_firmware | - |
| samsung | ss365h_firmware | - |
| samsung | ss211c_firmware | - |
| samsung | 7fq96a#ab1_firmware | - |
| samsung | ss397a_firmware | - |
| samsung | ss273a_firmware | - |
| hp | 4zb94a_firmware | - |
| samsung | ss196g_firmware | - |
| samsung | ss075d_firmware | - |
| hp | 6hu12a_firmware | - |
| samsung | ss216v_firmware | - |
| samsung | ss272d_firmware | - |
| samsung | ss267b_firmware | - |
| samsung | 8pa13a#302_firmware | - |
| samsung | ss235a_firmware | - |
| samsung | ss359q_firmware | - |
| samsung | ss151b_firmware | - |
| samsung | ss353e_firmware | - |
| samsung | ss339a_firmware | - |
| samsung | ss044n_firmware | - |
| samsung | ss027b_firmware | - |
| samsung | ss377m_firmware | - |
| samsung | st694b_firmware | - |
| samsung | ss196d_firmware | - |
| samsung | ss049a_firmware | - |
| samsung | ss397k_firmware | - |
| samsung | ss213g_firmware | - |
| samsung | st673d_firmware | - |
| samsung | 7gf52a#ab1_firmware | - |
| samsung | ss383v_firmware | - |
| samsung | ss256s_firmware | - |
| samsung | ss043e_firmware | - |
| samsung | ss389d_firmware | - |
| samsung | ss404z_firmware | - |
| hp | 7zb25a_firmware | - |
| samsung | ss266a_firmware | - |
| samsung | ss196f_firmware | - |
| samsung | ss197a_firmware | - |
| samsung | sv899d_firmware | - |
| samsung | ss388j_firmware | - |
| samsung | ss395b_firmware | - |
| samsung | ss388c_firmware | - |
| samsung | ss212a_firmware | - |
| samsung | ss213c_firmware | - |
| samsung | ss341a_firmware | - |
| samsung | ss211h_firmware | - |
| samsung | ss389v_firmware | - |
| samsung | ss390e_firmware | - |
| samsung | ss257m_firmware | - |
| samsung | ss352l_firmware | - |
| samsung | ss257b_firmware | - |
| samsung | ss043a_firmware | - |
| samsung | ss386f_firmware | - |
| samsung | ss231a_firmware | - |
| samsung | ss254g_firmware | - |
| samsung | ss152b_firmware | - |
| samsung | ss353j_firmware | - |
| samsung | st673c_firmware | - |
| samsung | ss271l_firmware | - |
| samsung | ss075e_firmware | - |
| samsung | ss366a_firmware | - |
| samsung | 7fr04a#ab1_firmware | - |
| samsung | ss218d_firmware | - |
| samsung | st686b_firmware | - |
| hp | 714z8a_firmware | - |
| samsung | ss392b_firmware | - |
| samsung | st688d_firmware | - |
| hp | 4zb88a_firmware | - |
| samsung | ss255c_firmware | - |
| samsung | ss216d_firmware | - |
| samsung | ss105c_firmware | - |
| samsung | ss106m_firmware | - |
| samsung | ss204n_firmware | - |
| samsung | ss218f_firmware | - |
| samsung | ss353k_firmware | - |
| samsung | ss230t_firmware | - |
| samsung | ss049g_firmware | - |
| samsung | ss033m_firmware | - |
| samsung | ss284a_firmware | - |
| samsung | ss211e_firmware | - |
| samsung | st688h_firmware | - |
| samsung | st679h_firmware | - |
| samsung | ss075h_firmware | - |
| samsung | ss263a_firmware | - |
| samsung | ss153a_firmware | - |
| samsung | ss152d_firmware | - |
| samsung | 7fq92a#ab1_firmware | - |
| samsung | ss271j_firmware | - |
| samsung | ss369c_firmware | - |
| samsung | ss396a_firmware | - |
| samsung | ss397e_firmware | - |
| samsung | ss355a_firmware | - |
| samsung | ss210k_firmware | - |
| samsung | ss335h_firmware | - |
| samsung | 7fq87a#ab1_firmware | - |
| hp | 4zb95a_firmware | - |
| samsung | ss210h_firmware | - |
| hp | 2zn49a_firmware | - |
| samsung | ss395t_firmware | - |
| samsung | ss218j_firmware | - |
| samsung | ss044m_firmware | - |
| samsung | ss386c_firmware | - |
| samsung | ss388b_firmware | - |
| samsung | ss150n_firmware | - |
| samsung | ss153e_firmware | - |
| samsung | ss288a_firmware | - |
| samsung | ss404d_firmware | - |
| samsung | ss213e_firmware | - |
| samsung | ss205e_firmware | - |
| samsung | ss280a_firmware | - |
| samsung | ss352s_firmware | - |
| samsung | st690d_firmware | - |
| hp | 7ab26a_firmware | - |
| samsung | ss205l_firmware | - |
| samsung | ss153k_firmware | - |
| samsung | ss271f_firmware | - |
| samsung | ss272b_firmware | - |
| samsung | ss204j_firmware | - |
| samsung | ss368b_firmware | - |
| samsung | ss271c_firmware | - |
| samsung | ss389a_firmware | - |
Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H | 1.8 | 5.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 10.0 |
| samsung | android | 11.0 |
Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 10.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 5.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L | 2.5 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper prior to SMR Jan-2023 Release 1 allows attacker to modify network related values, network code, carrier id and operator brand.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 10.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows attackers to access cardemulation PIN.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 10.0 |
Improper access control vulnerability in NfcTile prior to SMR Jan-2023 Release 1 allows to attacker to use NFC without user recognition.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
| mobile.security@samsung.com | 5.4 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 10.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access fault.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 10.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation in Bixby Vision prior to version 3.7.70.17 allows attacker to access data of Bixby Vision.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | bixby_vision | * |
Improper access control vulnerabilities in Smart Things prior to 1.7.93 allows to attacker to invite others without authorization of the owner.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L | 0.8 | 3.4 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_things | * |
Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 10.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 10.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
| mobile.security@samsung.com | 2.1 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 0.7 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
Improper input validation vulnerability in UwbDataTxStatusEvent prior to SMR Feb-2023 Release 1 allows attackers to launch certain activities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.5 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L | 2.5 | 5.3 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Insufficient Verification of Data Authenticity vulnerability in Routine prior to versions 2.6.30.6 in Android Q(10), 3.1.21.10 in Android R(11) and 3.5.2.23 in Android S(12) allows local attacker to access protected files via unused code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.4 | HIGH | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N | 1.0 | 5.8 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 10.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
Improper access control vulnerability in Runestone application prior to version 2.9.09.003 in Android R(11) and 3.2.01.007 in Android S(12) allows local attackers to get device location information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | flow | * |
Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers to decrypt encrypted messages or inject commands.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | flow | * |
Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R(11), 13.1.03.501 in Android S(12) and 14.1.00.422 in Android T(13) allows local attacker to write file with MyFiles privilege via implicit intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation in MyFiles prior to version 12.2.09 in Android R(11), 13.1.03.501 in Android S( 12) and 14.1.00.422 in Android T(13) allows local attacker to access data of MyFiles.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | cloud | * |
Path traversal vulnerability in Samsung Cloud prior to version 5.3.0.32 allows attacker to access specific png file.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 5.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N | 2.5 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | cloud | * |
Improper access control vulnerability in Call application prior to SMR Mar-2023 Release 1 allows local attackers to access sensitive information without proper permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
Missing Authorization vulnerability in One Hand Operation + prior to version 6.1.21 allows multi-users to access owner's widget without authorization via gesture setting.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 2.1 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 0.7 | 1.4 |
| mobile.security@samsung.com | 2.3 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N | 0.7 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | one_hand_operation_+ | * |
A Stack-based overflow vulnerability in IpcRxEmbmsSessionList in SECRIL prior to Android S(12) allows attacker to cause memory corruptions.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L | 0.8 | 5.3 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in SoftSim TA prior to SMR Mar-2023 Release 1 allows local attackers access to protected data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N | 1.5 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Improper authorization in Samsung Keyboard prior to SMR Mar-2023 Release 1 allows physical attacker to access users text history on the lockscreen.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
| mobile.security@samsung.com | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper authorization implementation in Exynos baseband prior to SMR Mar-2023 Release 1 allows incorrect handling of unencrypted message.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N | 1.6 | 4.2 |
| nvd@nist.gov | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_firmware | - |
Path traversal vulnerability in Galaxy Themes Service prior to SMR Mar-2023 Release 1 allows attacker to access arbitrary file with system uid.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 9.0 | CRITICAL | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N | 2.5 | 5.8 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in Bluetooth prior to SMR Mar-2023 Release 1 allows attackers to send file via Bluetooth without related permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H | 2.8 | 5.2 |
| mobile.security@samsung.com | 4.1 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L | 1.0 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.5 | 3.6 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.0 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L | 0.8 | 3.7 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper authentication in SecSettings prior to SMR Mar-2023 Release 1 allows attacker to reset the setting.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper authorization vulnerability in AutoPowerOnOffConfirmDialog in Settings prior to SMR Mar-2023 Release 1 allows local attacker to turn device off via unprotected activity.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.5 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
The sensitive information exposure vulnerability in Quick Share Agent prior to versions 3.5.14.18 in Android 12 and 3.5.16.20 in Android 13 allows to local attacker to access MAC address without related permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.1 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | quick_share | * |
Improper access control vulnerability in MyFiles application prior to versions 12.2.09.0 in Android 11, 13.1.03.501 in Android 12 and 14.1.03.0 in Android 13 allows local attacker to get sensitive information of secret mode in Samsung Internet application with specific conditions.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | myfiles | * |
Improper access control in Samsung Calendar prior to versions 12.4.02.9000 in Android 13 and 12.3.08.2000 in Android 12 allows local attacker to configure improper status.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | calendar | * |
Improper access control vulnerability in BixbyTouch prior to version 3.2.02.5 in China models allows untrusted applications access local files.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | bixbytouch | * |
PendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023 Release 1 allows local attackers to access contentProvider without proper permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | 1.8 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Error in 3GPP specification implementation in Exynos baseband prior to SMR Apr-2023 Release 1 allows incorrect handling of unencrypted message.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L | 1.2 | 3.4 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos | - |
Improper access control vulnerability in Telephony prior to SMR Apr-2023 Release 1 allows attackers to access files with escalated permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.GEOFENCE action.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.NETWORK_LOCATION action.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in SemClipboard prior to SMR Apr-2023 Release 1 allows attackers to read arbitrary files with system permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H | 0.2 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H | 0.2 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Intent redirection vulnerability in SecSettings prior to SMR Apr-2022 Release 1 allows attackers to access arbitrary file with system privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.3 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N | 1.0 | 5.2 |
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N | 1.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 8.0 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L | 2.5 | 5.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 8.0 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L | 2.5 | 5.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Access of Memory Location After End of Buffer vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.9 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N | 1.5 | 5.8 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N | 1.5 | 4.0 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper authorization in Smart suggestions prior to SMR Apr-2023 Release 1 in Android 13 and 4.1.01.0 in Android 12 allows remote attackers to register a schedule.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_suggestions | 4.1.01.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in CertByte prior to SMR Apr-2023 Release 1 allows local attackers to launch privileged activities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 8.5 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L | 2.5 | 5.3 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper URL input validation vulnerability in Samsung Account application prior to version 14.1.0.0 allows remote attackers to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
| mobile.security@samsung.com | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L | 2.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Missing authorization vulnerability in Camera prior to versions 11.1.02.18 in Android 11, 12.1.03.8 in Android 12 and 13.1.01.4 in Android 13 allows physical attackers to install package through Galaxy store before completion of Setup wizard.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.1 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 0.9 | 5.2 |
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | camera | * |
Improper Access Control vulnerability in Galaxy Store prior to version 4.5.53.6 allows local attacker to access protected data using exported service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.4 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N | 1.1 | 4.7 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N | 0.9 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper export of android application components vulnerability in ImagePreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N | 0.9 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1 allows local attackers to change a call setting.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.1 | HIGH | CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | 0.5 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchmanager.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.0 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with system privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.5 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L | 2.5 | 5.3 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1 allows local attackers to access protected data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.8 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N | 2.5 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.6 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.2 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Improper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device admin is set.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.1 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 0.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Improper input validation vulnerability in setPartnerTAInfo in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to overwrite the trustlet memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N | 0.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Out-of-bounds write vulnerability in TA_Communication_mpos_encrypt_pin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Double free validation vulnerability in setPinPadImages in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the trustlet memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N | 1.5 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Improper input validation vulnerability in FactoryTest application prior to SMR May-2023 Release 1 allows local attackers to get privilege escalation via debugging commands.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.7 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L | 0.9 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.6 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.2 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Potential buffer overflow vulnerability in mm_Plmncoordination.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.6 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.2 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control in Samsung Core Service prior to version 2.1.00.36 allows attacker to write arbitrary file in sandbox.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_core_services | * |
Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_blockchain_keystore | * |
Out-of-bounds Read vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_blockchain_keystore | * |
Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_blockchain_keystore | * |
Out-of-bounds Write vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_blockchain_keystore | * |
Out-of-bounds Read vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_blockchain_keystore | * |
Out-of-bounds Read vulnerability while processing CMD_COLDWALLET_BTC_SET_PRV_UTXO in bc_core trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_blockchain_keystore | * |
Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications without proper access permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC Mode under specific condition.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.1 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 0.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos | - |
Improper access control vulnerability in SearchWidget prior to version 3.3 in China models allows untrusted applications to start arbitrary activity.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | searchwidget | * |
The Samsung Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T512 baseband modem chipsets do not properly check format types specified by the Session Description Protocol (SDP) module, which can lead to a denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_980_firmware | - |
An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Emergency number list.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| cve@mitre.org | 7.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H | 2.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the extended emergency number list.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| cve@mitre.org | 7.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H | 2.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123.. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding operator-defined access category definitions.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| cve@mitre.org | 7.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H | 2.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Service Area List.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 7.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H | 2.8 | 4.7 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G SM message codec can occur due to insufficient parameter validation when decoding reserved options.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| cve@mitre.org | 7.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H | 2.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5124. Memory corruption can occur due to improper checking of the parameter length while parsing the fmtp attribute in the SDP (Session Description Protocol) module.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| cve@mitre.org | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H | 3.9 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_980_firmware | - |
An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5125. Memory corruption can occur when processing Session Description Negotiation for Video Configuration Attribute.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| cve@mitre.org | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H | 3.9 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_980_firmware | - |
An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos Auto T5126. Memory corruption can occur due to improper checking of the number of properties while parsing the chatroom attribute in the SDP (Session Description Protocol) module.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H | 3.9 | 4.7 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_980_firmware | - |
An issue was discovered in Samsung Exynos Mobile Processor and Baseband Modem Processor for Exynos 1280, Exynos 2200, and Exynos Modem 5300. An integer overflow in IPv4 fragment handling can occur due to insufficient parameter validation when reassembling these fragments.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H | 2.2 | 4.0 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP status line.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H | 2.2 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_5123_firmware | - |
| samsung | exynos_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_980_firmware | - |
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Min-SE header.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H | 2.2 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_5123_firmware | - |
| samsung | exynos_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_980_firmware | - |
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Retry-After header.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H | 2.2 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_5123_firmware | - |
| samsung | exynos_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_980_firmware | - |
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Session-Expires header.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H | 2.2 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_5123_firmware | - |
| samsung | exynos_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_980_firmware | - |
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding SIP multipart messages.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H | 2.2 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_5123_firmware | - |
| samsung | exynos_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_980_firmware | - |
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Via header.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H | 2.2 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_5123_firmware | - |
| samsung | exynos_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_980_firmware | - |
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP URI.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H | 2.2 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_5123_firmware | - |
| samsung | exynos_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_980_firmware | - |
An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, and Exynos 1080. Binding of a wrong resource can occur due to improper handling of parameters while binding a network interface.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 3.1 | LOW | CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L | 0.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_5123_firmware | - |
| samsung | exynos_5300_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_980_firmware | - |
Improper access control vulnerability in PersonaManagerService prior to SMR Jul-2023 Release 1 allows local attackers to change confiugration.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in Settings prior to SMR Jul-2023 Release 1 allows physical attacker to use restricted user profile to access device owner's google account data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 0.7 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Improper privilege management vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to call privilege function.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Missing authentication vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to delete arbitrary non-preloaded applications.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.7 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H | 2.5 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Stack out of bound write vulnerability in CdmaSmsParser of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Heap out of bound write vulnerability in IpcRxIncomingCBMsg of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Heap out of bound write vulnerability in BroadcastSmsConfig of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Heap out of bound write vulnerability in IpcRxUsimPhoneBookCapa of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Stack out-of-bounds write vulnerability in IpcRxImeiUpdateImeiNoti of RILD priro to SMR Jul-2023 Release 1 cause a denial of service on the system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Heap out of bound write vulnerability in RmtUimNeedApdu of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out of bounds read and write in callrunTspCmd of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out of bounds read and write in callgetTspsysfs of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out of bounds read and write in callrunTspCmdNoRead of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out of bounds read and write in enableTspDevice of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in SCEPProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.5 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L | 2.5 | 5.3 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in LSOItemData prior to SMR Jul-2023 Release 1 allows attackers to launch certain activities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.5 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L | 2.5 | 5.3 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in EnhancedAttestationResult prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in DataProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.5 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L | 2.5 | 5.3 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Improper input validation vulnerability in Transaction prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Exposure of Sensitive Information vulnerability in getDefaultChipId in UwbAospAdapterService prior to SMR Jul-2023 Release 1 allows local attackers to access the UWB chipset Identifier.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Exposure of Sensitive Information vulnerability in getChipInfos in UwbAospAdapterService prior to SMR Jul-2023 Release 1 allows local attackers to access the UWB chipset Identifier.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Exposure of Sensitive Information vulnerability in getChipIds in UwbAospAdapterService prior to SMR Jul-2023 Release 1 allows local attackers to access the UWB chipset Identifier.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in OemPersonalizationSetLock in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | 1.8 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in RegisteredMSISDN prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.5 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L | 2.5 | 5.3 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in OnOemServiceMode in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L | 1.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in DoOemImeiSetPreconfig in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | 1.8 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control in Audio system service prior to SMR Jul-2023 Release 1 allows attacker to send broadcast with system privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Out-of-bounds Write in BuildOemSecureSimLockResponse of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bounds Write in DoOemFactorySendFactoryTestResult of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bounds Write in BuildIpcFactoryDeviceTestEvent of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Logic error in package installation via adb command prior to SMR Jul-2023 Release 1 allows local attackers to downgrade installed application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H | 0.8 | 5.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper privilege management vulnerability in Samsung Smart Switch for Windows Installer prior to version 4.3.23043_3 allows attackers to cause permanent DoS via directory junction.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.8 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H | 2.5 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch_pc | * |
Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3.23052_1 allows local attackers to delete arbitrary directory using directory junction.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch_pc | * |
Improper configuration in Samsung Internet prior to version 21.0.0.41 allows attacker to bypass SameSite Cookie.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Improper authentication in Samsung Pass prior to version 4.2.03.1 allows local attacker to access stored account information when Samsung Wallet is not installed.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | pass | * |
Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical attackers to access data of Samsung Pass.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | pass | * |
Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical attackers to access data of Samsung Pass on a certain state of an unlocked device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.1 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 0.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | pass | * |
Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | calendar | * |
Improper access control in HDCP trustlet prior to SMR Aug-2023 Release 1 allows local attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N | 1.4 | 5.8 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper privilege management vulnerability in MMIGroup prior to SMR Aug-2023 Release 1 allows code execution with privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
An improper input validation vulnerability within initialize function in HAL VaultKeeper prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call silenceRinger API without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call endCall API without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Improper access control in Samsung Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call acceptRingingCall API without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Improper access control vulnerability in Telecom prior to SMR Aug-2023 Release 1 allows local attakcers to change TTY mode.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bounds Write in ReqDataRaw of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bounds Write in RmtUimApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bounds Write in BuildOemEmbmsGetSigStrengthResponse of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in Duo prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.5 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L | 2.5 | 5.3 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in Evaluator prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.5 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L | 2.5 | 5.3 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bounds Write in DoOemFactorySendFactoryBypassCommand of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bounds Write in IpcTxPcscTransmitApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bounds Write vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_book2_go_firmware | - |
| samsung | galaxy_book_go_5g_firmware | - |
| samsung | galaxy_book_go_firmware | - |
| samsung | galaxy_book2_pro_360_firmware | - |
An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
An improper input validation in IpcTxCfgSetSimlockPayload in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in TelephonyUI prior to SMR Aug-2023 Release 1 allows local attacker to connect BLE without privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Out-of-bounds write vulnerability in parser_hvcC function of libsimba library prior to SMR Aug-2023 Release 1 allows code execution by remote attackers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl in framework prior to SMR Aug-2023 Release 1 allows local attackers to access ContentProvider without proper permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | 1.8 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
PendingIntent hijacking in WifiGeofenceManager prior to SMR Aug-2023 Release 1 allows local attacker to arbitrary file access.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.0 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Stack overflow vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_book2_go_firmware | - |
| samsung | galaxy_book_go_5g_firmware | - |
| samsung | galaxy_book_go_firmware | - |
| samsung | galaxy_book2_pro_360_firmware | - |
Improper URL validation vulnerability in Samsung Members prior to version 14.0.07.1 allows attackers to access sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | members | * |
Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
| mobile.security@samsung.com | 3.8 | LOW | CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.2 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 6.8 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N | 2.5 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to read arbitrary file with system privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
| nvd@nist.gov | 4.9 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 1.2 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in FileProviderStatusReceiver in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows local attackers to delete arbitrary files with Samsung Keyboard privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H | 1.8 | 5.2 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper authentication in SecSettings prior to SMR Sep-2023 Release 1 allows attacker to access Captive Portal Wi-Fi in Reactivation Lock status.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control in Dual Messenger prior to SMR Sep-2023 Release 1 allows local attackers launch activity with system privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| mobile.security@samsung.com | 7.9 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N | 2.5 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in Knox AI prior to SMR Sep-2023 Release 1 allows local attackers to launch privileged activities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.5 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L | 2.5 | 5.3 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 6.8 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N | 2.5 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper privilege management vulnerability in FolderLockNotifier in One UI Home prior to SMR Sep-2023 Release 1 allows local attackers to change some settings of the folder lock.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.5 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR Sep-2023 Release 1 allows physical attackers to change some settings of the folder lock.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 0.9 | 3.6 |
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in Weather prior to SMR Sep-2023 Release 1 allows attackers to access location information set in Weather without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to trigger certain commands.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to get unresettable identifiers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper export of android application components vulnerability in WifiApAutoHotspotEnablingActivity prior to SMR Sep-2023 Release 1 allows local attacker to change a Auto Hotspot setting.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Exposure of Sensitive Information vulnerability in InboundSmsHandler prior to SMR Sep-2023 Release 1 allows local attackers to access certain message data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
PendingIntent hijacking in LmsAssemblyTrackerCTC prior to SMR Sep-2023 Release 1 allows local attacker to gain arbitrary file access.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 4.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.0 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Insertion of sensitive information into log vulnerability in Locksettings prior to SMR Sep-2023 Release 1 allows a privileged local attacker to get lock screen match information from the log.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Protection Mechanism Failure in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.13.5 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | blockchain_keystore | * |
Improper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows attackers to write arbitrary file with Samsung Health privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | health | * |
Improper authentication in GallerySearchProvider of Gallery prior to version 14.5.01.2 allows attacker to access search history.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gallery | * |
Improper authentication in LocalProvier of Gallery prior to version 14.5.01.2 allows attacker to access the data in content provider.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 2.5 | 2.5 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gallery | * |
PendingIntent hijacking vulnerability in GameLauncher prior to version 4.2.59.5 allows local attackers to access data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 4.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.0 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gamelauncher | * |
Improper access control vulnerability in SecSettings prior to SMR Oct-2023 Release 1 allows attackers to enable Wi-Fi and connect arbitrary Wi-Fi without User Interaction.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Intent redirection vulnerability in PackageInstallerCHN prior to version 13.1.03.00 allows local attacker to access arbitrary file. This vulnerability requires user interaction.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 1.8 | 2.5 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | packageinstallerchn | * |
Improper Certificate Validation in Samsung Email prior to version 6.1.82.0 allows remote attacker to intercept the network traffic including sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
| mobile.security@samsung.com | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | * |
Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local attacker to access specific file.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | camera | * |
Logic error in package installation via debugger command prior to SMR Oct-2023 Release 1 allows physical attacker to install an application that has different build type.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 0.9 | 3.6 |
| mobile.security@samsung.com | 5.7 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:H | 0.2 | 5.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper access control in system property prior to SMR Oct-2023 Release 1 allows local attacker to get CPU serial number.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Stack-based Buffer Overflow in vulnerability HDCP trustlet prior to SMR Oct-2023 Release 1 allows local privileged attackers to perform code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N | 1.4 | 5.8 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive information via implicit intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | health | * |
Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access backup data in SAssistant.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 1.4 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sassistant | * |
Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows attacker to execute javascript interface. To trigger this vulnerability, user interaction is required.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 2.8 | 2.5 |
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L | 1.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_assistant | * |
Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive information via implicit intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | health | * |
An improper input validation in UEFI Firmware prior to Firmware update Oct-2023 Release in Galaxy Book, Galaxy Book Pro, Galaxy Book Pro 360 and Galaxy Book Odyssey allows local attacker to execute SMM memory corruption.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_book_firmware | * |
| samsung | galaxy_book_pro_360_firmware | * |
| samsung | galaxy_book_odyssey_firmware | * |
| samsung | galaxy_book_pro_firmware | * |
Arbitrary File Descriptor Write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause unintended querying of the SIM status via a crafted application.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_5123_firmware | - |
| samsung | exynos_5300_firmware | - |
An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause changes to the activation mode of RCS via a crafted application.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_5123_firmware | - |
| samsung | exynos_5300_firmware | - |
An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. An incorrect default permission can cause unintended querying of RCS capability via a crafted application.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_5123_firmware | - |
| samsung | exynos_5300_firmware | - |
An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_9820_firmware | - |
| samsung | exynos_9810_firmware | - |
| samsung | exynos_9610_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung NFC S3NRN4V, S3NSN4V, S3NSEN4, SEN82AB, and S3NRN82. A buffer copy without checking its input size can cause an NFC service restart.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | s3nrn4v_firmware | - |
| samsung | s3nsen4_firmware | - |
| samsung | s3nrn82_firmware | - |
| samsung | s3nsn4v_firmware | - |
| samsung | sen82ab_firmware | - |
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. In the NAS Task, an improperly implemented security check for standard can disallow desired services for a while via consecutive NAS messages.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
| cve@mitre.org | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the Shannon MM Task, Missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.2 | 3.6 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_9820_firmware | - |
| samsung | exynos_9810_firmware | - |
| samsung | exynos_9610_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor (Exynos 980, Exynos 850, Exynos 2100, and Exynos W920). Improper handling of length parameter inconsistency can cause incorrect packet filtering.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 2.0 | LOW | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:L | 0.6 | 1.4 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2100_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. This affects N-Series N1115 Wallplate Video Encoder before 1.15.61, N-Series N1x22A Video Encoder/Decoder before 1.15.61, N-Series N1x33A Video Encoder/Decoder before 1.15.61, N-Series N1x33 Video Encoder/Decoder before 1.15.61, N-Series N2x35 Video Encoder/Decoder before 1.15.61, N-Series N2x35A Video Encoder/Decoder before 1.15.61, N-Series N2xx2 Video Encoder/Decoder before 1.15.61, N-Series N2xx2A Video Encoder/Decoder before 1.15.61, N-Series N3000 Video Encoder/Decoder before 2.12.105, and N-Series N4321 Audio Transceiver before 1.00.06.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | fgn4321-sa_firmware | * |
| samsung | fgn2222-sa_firmware | * |
| samsung | fgn1122-sa_firmware | * |
| samsung | fgn2235-sa_firmware | * |
| samsung | fgn1122-cd_firmware | * |
| samsung | fgn1222-sa_firmware | * |
| samsung | fgn2222a-sa_firmware | * |
| samsung | fgn4321-cd_firmware | * |
| samsung | fgn1133-sa_firmware | * |
| samsung | fgn1115-wp-wh_firmware | * |
| samsung | fgn1133-cd_firmware | * |
| samsung | fgn1133a-sa_firmware | * |
| samsung | fgn1133a-cd_firmware | * |
| samsung | fgn2122-sa_firmware | * |
| samsung | fgn1233a-cd_firmware | * |
| samsung | fgn2122-cd_firmware | * |
| samsung | fgn3132a-sa_firmware | * |
| samsung | fgn2135-cd_firmware | * |
| samsung | fgn2222-cd_firmware | * |
| samsung | fgn1233a-sa_firmware | * |
| samsung | fgn2235-cd_firmware | * |
| samsung | fgn2122a-sa_firmware | * |
| samsung | fgn2212-cd_firmware | * |
| samsung | fgn2122a-cd_firmware | * |
| samsung | fgn2222a-cd_firmware | * |
| samsung | fgn1233-sa_firmware | * |
| samsung | fgn3232a-c_firmware | * |
| samsung | fgn1233-cd_firmware | * |
| samsung | fgn2212-sa_firmware | * |
| samsung | fgn3132a-c_firmware | * |
| samsung | fgn1222-cd_firmware | * |
| samsung | fgn3232a-sa_firmware | * |
| samsung | fgn2135-sa_firmware | * |
An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820, 980, 2100, 2200, 1280, and 1380. An integer overflow can bypass detection of error cases via a crafted application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| cve@mitre.org | 2.0 | LOW | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:L | 0.6 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_9820_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | harman_infotainment | 20190525031613 |
Harman Infotainment 20190525031613 and later discloses the IP address via CarPlay CTRL packets.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | harman_infotainment | 20190525031613 |
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | harman_infotainment | 20190525031613 |
An issue was discovered in Exynos Mobile Processor 980 and 2100. An integer overflow at a buffer index can prevent the execution of requested services via a crafted application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L | 1.8 | 1.4 |
| cve@mitre.org | 2.0 | LOW | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:L | 0.6 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2100_firmware | - |
| samsung | exynos_980_firmware | - |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). Improper handling of a length parameter inconsistency can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 2.8 | 4.2 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_9820_firmware | - |
| samsung | exynos_9810_firmware | - |
| samsung | exynos_9610_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). A buffer copy, without checking the size of the input, can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| cve@mitre.org | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 2.8 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_9820_firmware | - |
| samsung | exynos_9810_firmware | - |
| samsung | exynos_9610_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
Improper input validation vulnerability in Samsung Open Source Escargot allows stack overflow and segmentation fault. This issue affects Escargot: from 3.0.0 through 4.0.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| PSIRT@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | escargot | 4.0.0 |
| samsung | escargot | 3.0.0 |
Improper Restriction of Excessive Authentication Attempts vulnerability in Samsung Smart TV UE40D7000 version T-GAPDEUC-1033.2 and before allows attackers to cause a denial of service via WPS attack tools.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 3.5 | LOW | CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L | 2.1 | 1.4 |
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | ue40d7000_firmware | * |
Samsung Mobile Processor Exynos 2200 allows a GPU Double Free (issue 1 of 2).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 4.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H | 1.0 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
A DLL hijacking vulnerability in Samsung Memory Card & UFD Authentication Utility PC Software before 1.0.1 could allow a local attacker to escalate privileges. (An attacker must already have user privileges on Windows to exploit this vulnerability.)
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | 1.3 | 5.9 |
| nvd@nist.gov | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | 1.3 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | memory_card_&_ufd_authentication | * |
Samsung Mobile Processor Exynos 2200 allows a GPU Use After Free.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| cve@mitre.org | 4.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H | 1.0 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
A TOCTOU race condition in Samsung Mobile Processor Exynos 9820, Exynos 980, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, and Exynos 1380 can cause unexpected termination of a system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.3 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.3 | 5.9 |
| nvd@nist.gov | 4.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.0 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_9820_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
Improper input validation vulnerability in ProcessWriteFile of libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to expose sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 5.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L | 0.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper Input Validation vulnerability in ProcessNvBuffering of libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bound write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in SecSettings prior to SMR Nov-2023 Release 1 allows attackers to enable Wi-Fi and Wi-Fi Direct without User Interaction.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows local attackers to bypass restrictions on starting activities from the background.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows remote attacker to intercept the network traffic including Firmware information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.2 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper Input Validation with USB Gadget Interface prior to SMR Nov-2023 Release 1 allows a physical attacker to execute arbitrary code in Kernel.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
| mobile.security@samsung.com | 6.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 0.7 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in ChooserActivity prior to SMR Nov-2023 Release 1 allows local attackers to read arbitrary files with system privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 6.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N | 1.8 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds Write in read_block of vold prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
An improper input validation in get_head_crc in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
An improper input validation in saped_rec_silence in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
PendingIntent hijacking vulnerability in ChallengeNotificationManager in Samsung Health prior to version 6.25 allows local attackers to access data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.0 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | health | * |
Improper access control vulnerability in Samsung Account prior to version 14.5.01.1 allows attackers to access sensitive information via implicit intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Improper authorization in PushClientProvider of Samsung Push Service prior to version 3.4.10 allows attacker to access unique id.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | push_service | * |
Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers to get register ID to identify the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | push_service | * |
Improper verification of intent by broadcast receiver vulnerability in Bixby Voice prior to version 3.3.35.12 allows attackers to access arbitrary data with Bixby Voice privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | bixby_voice | * |
Improper access control vulnerability in Quick Share prior to 13.5.52.0 allows local attacker to access local files.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | quick_share | * |
Use of implicit intent for sensitive communication vulnerability in Phone prior to versions 12.7.20.12 in Android 11, 13.1.48, 13.5.28 in Android 12, and 14.7.38 in Android 13 allows attackers to access location data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | phone | * |
Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Use of implicit intent for sensitive communication vulnerability in startEmailValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Use of implicit intent for sensitive communication vulnerability in startMandatoryCheckActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Use of implicit intent for sensitive communication vulnerability in startSignIn in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Use of implicit intent for sensitive communication vulnerability in startTncActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Implicit intent hijacking vulnerability in Firewall application prior to versions 12.1.00.24 in Android 11, 13.1.00.16 in Android 12 and 14.1.00.7 in Android 13 allows 3rd party application to tamper the database of Firewall.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | firewall | * |
Improper authorization verification vulnerability in Samsung Email prior to version 6.1.90.4 allows attackers to read sandbox data of email.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | * |
Improper Authentication vulnerabiity in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
| mobile.security@samsung.com | 5.4 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N | 0.2 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | pass | * |
Use of implicit intent for sensitive communication vulnerability in EasySetup prior to version 11.1.13 allows attackers to get the bluetooth address of user device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 6.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N | 1.8 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | easysetup | * |
Improper usage of implicit intent in Contacts prior to SMR Dec-2023 Release 1 allows attacker to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
| samsung | android | 14.0 |
Out-of-bound write vulnerability in libIfaaCa prior to SMR Dec-2023 Release 1 allows local system attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| mobile.security@samsung.com | 5.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L | 0.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
| samsung | android | 14.0 |
Out of bounds write vulnerability in HDCP in HAL prior to SMR Dec-2023 Release 1 allows attacker to perform code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H | 0.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
Improper exception management vulnerability in Knox Guard prior to SMR Dec-2023 Release 1 allows Knox Guard lock bypass via changing system time.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.2 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N | 0.9 | 4.2 |
| mobile.security@samsung.com | 4.9 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N | 0.7 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
| samsung | android | 14.0 |
Heap out-of-bounds write vulnerability in dec_mono_audb of libsavsac.so prior to SMR Dec-2023 Release 1 allows an attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.4 | HIGH | CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 1.4 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
| samsung | android | 14.0 |
Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
| mobile.security@samsung.com | 7.1 | HIGH | CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | 0.5 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
| samsung | android | 14.0 |
Integer overflow vulnerability in detectionFindFaceSupportMultiInstance of libFacePreProcessingjni.camera.samsung.so prior to SMR Dec-2023 Release 1 allows attacker to trigger heap overflow.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
| samsung | android | 14.0 |
Integer overflow vulnerability in landmarkCopyImageToNative of libFacePreProcessingjni.camera.samsung.so prior to SMR Dec-2023 Release 1 allows attacker to trigger heap overflow.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
| samsung | android | 14.0 |
Improper access control in knoxcustom service prior to SMR Dec-2023 Release 1 allows attacker to send broadcast with system privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H | 1.3 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
| samsung | android | 14.0 |
Improper input validation vulnerability in Smart Clip prior to SMR Dec-2023 Release 1 allows local attackers with shell privilege to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H | 1.4 | 5.3 |
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
| samsung | android | 14.0 |
Out-of-bound write vulnerability in libsavsvc prior to SMR Dec-2023 Release 1 allows local attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L | 2.5 | 4.7 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
| samsung | android | 14.0 |
Improper size check vulnerability in softsimd prior to SMR Dec-2023 Release 1 allows stack-based buffer overflow.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L | 2.5 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
Improper access control vulnerability in SmartManagerCN prior to SMR Dec-2023 Release 1 allows local attackers to access arbitrary files with system privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L | 2.5 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
| samsung | android | 13.0 |
Improper authorization verification vulnerability in AR Emoji prior to SMR Dec-2023 Release 1 allows attackers to read sandbox data of AR Emoji.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
| samsung | android | 13.0 |
Improper access control vulnerability in KnoxCustomManagerService prior to SMR Dec-2023 Release 1 allows attacker to access device SIM PIN.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
| samsung | android | 14.0 |
Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.6 | HIGH | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | 0.9 | 6.0 |
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | find_my_mobile | * |
Implicit intent hijacking vulnerability in Samsung Account Web SDK prior to version 1.5.24 allows attacker to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account_web_software_development_kit | * |
PendingIntent hijacking vulnerability in Search Widget prior to version 3.4 in China models allows local attackers to access data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 4.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.0 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | search_widget | * |
Improper access control vulnerablility in GameHomeCN prior to version 4.2.60.2 allows local attackers to launch arbitrary activity in GameHomeCN.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gamehomecn | * |
Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid flag setting.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.4 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N | 0.2 | 5.2 |
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | pass | * |
Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid exception handler.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
| mobile.security@samsung.com | 5.4 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N | 0.2 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | pass | * |
Improper Access Control in Samsung Voice Recorder prior to versions 21.4.15.01 in Android 12 and Android 13, 21.4.50.17 in Android 14 allows physical attackers to access Voice Recorder information on the lock screen.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
| mobile.security@samsung.com | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_voice_recorder | * |
Improper handling of insufficient permissions or privileges vulnerability in Samsung Data Store prior to version 5.2.00.7 allows remote attackers to access location information without permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
| mobile.security@samsung.com | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | cloud | * |
Improper usage of insecure protocol (i.e. HTTP) in SogouSDK of Chinese Samsung Keyboard prior to versions 5.3.70.1 in Android 11, 5.4.60.49, 5.4.85.5, 5.5.00.58 in Android 12, and 5.6.00.52, 5.6.10.42, 5.7.00.45 in Android 13 allows adjacent attackers to access keystroke data using Man-in-the-Middle attack.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 1.6 | 3.6 |
| mobile.security@samsung.com | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_keyboard | * |
Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Samsung Mobile Processor and Wearable Processor (Exynos 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, and W920) allow Information Disclosure in the Bootloader.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
| cve@mitre.org | 4.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N | 0.4 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
A race condition issue discovered in Samsung Mobile Processor Exynos 9820, 980, 1080, 2100, 2200, 1280, and 1380 allows unintended modifications of values within certain areas.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.0 | 3.6 |
| cve@mitre.org | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N | 0.3 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_9820_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check format types specified by the RRC. This can lead to a lack of encryption.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check states specified by the RRC. This can lead to disclosure of sensitive information.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check replay protection specified by the NAS (Non-Access-Stratum) module. This can lead to denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 3.7 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.2 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check format types specified by the NAS (Non-Access-Stratum) module. This can lead to bypass of authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 3.7 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.2 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 that allows an out-of-bounds write in the heap in 2G (no auth).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850 Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380 Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 that allows out-of-bounds access to a heap buffer in the SIM Proactive Command.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
A vulnerability was discovered in Samsung Wearable Processor and Modems with versions Exynos 9110, Exynos Modem 5123, Exynos Modem 5300 that allows an out-of-bounds write in the heap in 2G (no auth).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
Improper input validation in IpcTxSndSetLoopbackCtrl in libsec-ril prior to SMR Sep-2023 Release 1 allows local attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in Samsung DeX prior to SMR Jan-2024 Release 1 allows owner to access other users' notification in a multi-user environment.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | dex | * |
Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
| mobile.security@samsung.com | 6.8 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L | 2.1 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | myfiles | * |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | myfiles | * |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
Improper access control in Notification service prior to SMR Jan-2024 Release 1 allows local attacker to access notification data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Implicit intent hijacking vulnerability in Samsung Email prior to version 6.1.90.16 allows local attacker to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | * |
Improper access control vulnerability in Nearby device scanning prior version 11.1.14.7 allows local attacker to access data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | nearby_device_scanning | * |
Improper access control vulnerability in Nearby device scanning prior version 11.1.14.7 allows local attacker to access data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | nearby_device_scanning | * |
Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows local attackers to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to SMR Feb-2024 Release 1 allows local attackers access unauthorized information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper authentication vulnerability in onCharacteristicReadRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.0 | HIGH | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H | 1.6 | 5.8 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper authentication vulnerability in onCharacteristicWriteRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.0 | HIGH | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H | 1.6 | 5.8 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bounds Write vulnerabilities in svc1td_vld_slh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L | 1.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bounds Write vulnerabilities in svc1td_vld_elh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L | 1.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out-of-bounds Write vulnerabilities in svc1td_vld_plh_ap of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L | 1.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows local privileged attackers to cause an Out-Of-Bounds read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Implicit intent hijacking vulnerability in AccountActivity of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Implicit intent hijacking vulnerability in SamsungAccount of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Implicit intent hijacking vulnerability in VoiceSearch of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Implicit intent hijacking vulnerability in IAP of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Implicit intent hijacking vulnerability in UPHelper library prior to version 4.0.0 allows local attackers to access sensitive information via implicit intent.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | uphelper_library | * |
Improper access control vulnerability in Samsung Gallery prior to version 14.5.04.4 allows physical attackers to access the picture using physical keyboard on the lockscreen.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gallery | * |
Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Missing proper interaction for opening deeplink in Samsung Internet prior to version v24.0.0.0 allows remote attackers to open an application without proper interaction.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L | 2.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | 24.0 |
Incorrect default permission in AppLock prior to SMR MAr-2024 Release 1 allows local attackers to configure AppLock settings.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | 1.8 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Stack overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.4 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Heap overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.4 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Use after free vulnerability in pub_crypto_recv_msg prior to SMR Mar-2024 Release 1 due to race condition allows local attackers with system privilege to cause memory corruption.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.1 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N | 0.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
The sensitive information exposure vulnerability in WlanTest prior to SMR Mar-2024 Release 1 allows local attackers to access MAC address without proper permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in CustomFrequencyManagerService prior to SMR Mar-2024 Release 1 allows local attackers to execute privileged behaviors.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out of bounds Read vulnerability in ssmis_get_frm in libsubextractor.so prior to SMR Mar-2024 Release 1 allows local attackers to read out of bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Improper handling of granting permission for Trusted Web Activities in Samsung Internet prior to version 24.0.0.41 allows local attackers to grant permission to their own TWA WebApps without user interaction.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | 1.8 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Improper validation vulnerability in Samsung Internet prior to version 24.0.3.2 allows local attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.8 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L | 2.5 | 3.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Improper access control in Samsung Voice Recorder prior to versions 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14 allows physical attackers to access recording files on the lock screen.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | voice_recorder | * |
Improper access control in Samsung Voice Recorder prior to versions 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14 allows physical attackers using hardware keyboard to use VoiceRecorder on the lock screen.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.7 | MEDIUM | CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H | 0.5 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | voice_recorder | * |
Improper Handling of Insufficient Privileges in Samsung Account prior to version 14.8.00.3 allows local attackers to access data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Improper Input Validation vulnerability in handling apdu of libsec-ril prior to SMR Apr-2024 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L | 0.8 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bound write vulnerability in command parsing implementation of libIfaaCa prior to SMR Apr-2024 Release 1 allows local privileged attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L | 0.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds write vulnerability while parsing remaining codewords in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
Out-of-bounds write vulnerability while releasing memory in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
Out-of-bounds write vulnerability while decoding hcr of libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
Improper Access Control vulnerability in StorageManagerService prior to SMR Apr-2024 Release 1 allows local attackers to read sdcard information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper Input Validation vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2024 Release 1 allows local attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bound Write vulnerability in chunk parsing implementation of libsdffextractor prior to SMR Apr-2023 Release 1 allows local attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L | 2.5 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Use of Implicit Intent for Sensitive Communication in Samsung Pay prior to version 5.4.99 allows local attackers to access information of Samsung Pay.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | samsung_pay | * |
Improper access control vulnerability in Samsung Data Store prior to version 5.3.00.4 allows local attackers to launch arbitrary activity with Samsung Data Store privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | cloud | * |
Improper verification of intent by broadcast receiver vulnerability in SmartThings prior to version 1.8.13.22 allows local attackers to access testing configuration.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings | * |
Improper verification of intent by broadcast receiver vulnerability in ThemeStore prior to 5.3.05.2 allows local attackers to write arbitrary files to sandbox of ThemeStore.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_themes | * |
Improper handling of insufficient privileges vulnerability in Samsung Camera prior to versions 12.1.0.31 in Android 12, 13.1.02.07 in Android 13, and 14.0.01.06 in Android 14 allows local attackers to access image data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | camera | * |
Improper access control vulnerability in multitasking framework prior to SMR May-2024 Release 1 allows physical attackers to access unlocked screen for a while.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
Improper Authentication vulnerability in Secure Folder prior to SMR May-2024 Release 1 allows physical attackers to access Secure Folder without proper authentication in a specific scenario.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 0.7 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
Improper access control vulnerability in startListening of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in setCocktailHostCallbacks of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in FactoryCamera prior to SMR May-2024 Release 1 allows local attackers to take pictures without privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper export of android application components vulnerability in TelephonyUI prior to SMR May-2024 Release 1 allows local attackers to reboot the device without proper permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
Use after free vulnerability in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to cause memory corruption.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H | 0.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds write in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H | 0.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 11.0 |
| samsung | android | 13.0 |
Out of bounds write vulnerability in SNAP in HAL prior to SMR May-2024 Release 1 allows local privileged attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper access control vulnerability in DarManagerService prior to SMR May-2024 Release 1 allows local attackers to monitor system resources.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
Authentication bypass in bootloader prior to SMR May-2024 Release 1 allows physical attackers to flash arbitrary images.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.7 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Authentication bypass vulnerability in Setupwizard prior to SMR May-2024 Release 1 allows physical attackers to skip activation step.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.7 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N | 0.5 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper privilege management vulnerability in Samsung Email prior to version 6.1.91.14 allows local attackers to access sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | * |
Improper input validation in Samsung Notes prior to version 4.4.15 allows local attackers to delete files with Samsung Notes privilege under certain conditions.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Improper privilege management vulnerability in Samsung Internet prior to version 25.0.0.41 allows local attackers to bypass protection for cookies.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.71.8 allows local attackers to write arbitrary files with the privilege of Galaxy Store.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Improper authorization vulnerability in Samsung Keyboard prior to version One UI 5.1.1 allows physical attackers to partially bypass the factory reset protection.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.9 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L | 0.7 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | one_ui | * |
Improper handling of insufficient privileges vulnerability in TalkbackSE prior to version Android 14 allows local attackers to modify setting value of TalkbackSE.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
Improper input validation vulnerability in caminfo driver prior to SMR Jun-2024 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L | 0.8 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
Improper access control vulnerability in SmartManagerCN prior to SMR Jun-2024 Release 1 allows local attackers to launch privileged activities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.9 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L | 2.5 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 13.0 |
Improper caller verification vulnerability in SemClipboard prior to SMR June-2024 Release 1 allows local attackers to access arbitrary files.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper input validation in libsheifdecadapter.so prior to SMR Jun-2024 Release 1 allows local attackers to lead to memory corruption.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 1.8 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Heap out-of-bound write vulnerability in parsing grid image header in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L | 2.5 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Heap out-of-bound write vulnerability in parsing grid image in libsavscmn.so prior to SMR June-2024 Release 1 allows local attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L | 2.5 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Stack-based buffer overflow vulnerability in bootloader prior to SMR Jun-2024 Release 1 allows physical attackers to overwrite memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.4 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L | 0.9 | 5.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper input validation vulnerability in chnactiv TA prior to SMR Jun-2024 Release 1 allows local privileged attackers lead to potential arbitrary code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.4 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds read vulnerability in bootloader prior to SMR June-2024 Release 1 allows physical attackers to arbitrary data access.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Incorrect use of privileged API vulnerability in registerBatteryStatsCallback in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged API.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
Incorrect use of privileged API vulnerability in getSemBatteryUsageStats in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged API.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
Improper component protection vulnerability in Samsung Dialer prior to SMR May-2024 Release 1 allows local attackers to make a call without proper permission.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
Arbitrary directory creation in GalaxyBudsManager PC prior to version 2.1.240315.51 allows attacker to create arbitrary directory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_buds_manager | * |
Improper access control in OneUIHome prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper authentication in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to pair with devices.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H | 1.6 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper input validation in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to trigger abnormal behavior.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H | 1.6 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper access control in launchFullscreenIntent of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper verification of signature in FilterProvider prior to SMR Jul-2024 Release 1 allows local attackers to execute privileged behaviors. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H | 1.0 | 5.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper input validation in libmediaextractorservice.so prior to SMR Jul-2024 Release 1 allows local attackers to trigger memory corruption.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 1.8 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper handling of exceptional conditions in Secure Folder prior to SMR Jul-2024 Release 1 allows physical attackers to bypass authentication under certain condition. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 0.7 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper access control in Dar service prior to SMR Jul-2024 Release 1 allows local attackers to bypass restriction for calling SDP features.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.7 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H | 2.5 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Use of implicit intent for sensitive communication in Configuration message prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Use of implicit intent for sensitive communication in FCM function in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Use of implicit intent for sensitive communication in SoftphoneClient in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Use of implicit intent for sensitive communication in RCS function in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper authentication in MTP application prior to SMR Jul-2024 Release 1 allows local attackers to enter MTP mode without proper authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N | 1.4 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper input validation in copying data to buffer cache in libsaped prior to SMR Jul-2024 Release 1 allows local attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 (for Windows) allows a local attacker to read privileged data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | 1.3 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magician | 8.0.0 |
An issue was discovered in Samsung Semiconductor Mobile Processor and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check a pointer specified by the CC (Call Control module), which can lead to Denial of Service (Untrusted Pointer Dereference).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.2 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Semiconductor Mobile Processor and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check a pointer specified by the SM (Session Management module), which can lead to Denial of Service (Untrusted Pointer Dereference).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.2 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
A vulnerability was discovered in Samsung Mobile Processors Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, and Exynos W930 where they do not properly check length of the data, which can lead to a Denial of Service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H | 0.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
A vulnerability was discovered in Samsung Mobile Processor Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, and Exynos 2400 that involves a time-of-check to time-of-use (TOCTOU) race condition, which can lead to a Denial of Service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H | 0.8 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
A vulnerability was discovered in Samsung Mobile Processors Exynos 1280, Exynos 2200, Exynos 1330, Exynos 1380, and Exynos 2400 where they do not properly check the length of the data, which can lead to a Information disclosure.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Mobile Processor, Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_roamed_ind(), there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor, Wearable Processor Exynos Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_scan_done_ind(), there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_scan_ind(), there is no input validation check on a length coming from userspace, which can lead to integer overflow and a potential heap over-read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| cve@mitre.org | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos Mobile Processor, Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_received_frame_ind(), there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| cve@mitre.org | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on hal_req->num_config_discovery_attr coming from userspace, which can lead to a heap overwrite.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_followup_get_nl_params(), there is no input validation check on hal_req->service_specific_info_len coming from userspace, which can lead to a heap overwrite.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on disc_attr->infrastructure_ssid_len coming from userspace, which can lead to a heap overwrite.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on disc_attr->mesh_id_len coming from userspace, which can lead to a heap overwrite.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_publish_get_nl_params(), there is no input validation check on hal_req->service_specific_info_len coming from userspace, which can lead to a heap overwrite.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_followup_get_nl_params(), there is no input validation check on hal_req->sdea_service_specific_info_len coming from userspace, which can lead to a heap overwrite.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_subscribe_get_nl_params(), there is no input validation check on hal_req->rx_match_filter_len coming from userspace, which can lead to a heap overwrite.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_get_security_info_nl(), there is no input validation check on sec_info->key_info.body.pmk_info.pmk_len coming from userspace, which can lead to a heap overwrite.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_send_action_frame_cert(), there is no input validation check on len coming from userspace, which can lead to a heap over-read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H | 0.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_subscribe_get_nl_params(), there is no input validation check on hal_req->num_intf_addr_present coming from userspace, which can lead to a heap overwrite.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_set_delayed_wakeup_type(), there is no input validation check on a length of ioctl_args->args[i] coming from userspace, which can lead to a heap over-read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H | 0.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_send_action_frame_ut(), there is no input validation check on len coming from userspace, which can lead to a heap over-read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H | 0.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_send_action_frame(), there is no input validation check on len coming from userspace, which can lead to a heap over-read.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H | 0.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_get_scan_extra_ies(), there is no input validation check on default_ies coming from userspace, which can lead to a heap overwrite.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
A vulnerability was discovered in the slsi_handle_nan_rx_event_log_ind function in Samsung Mobile Processor Exynos 1380 and Exynos 1480 related to no input validation check on tag_len for rx coming from userspace, which can lead to heap overwrite.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_1480_firmware | - |
A vulnerability was discovered in the slsi_handle_nan_rx_event_log_ind function in Samsung Mobile Processor Exynos 1380 and Exynos 1480 related to no input validation check on tag_len for tx coming from userspace, which can lead to heap overwrite.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_1480_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_rx_range_done_ind(), there is no input validation check on rtt_id coming from userspace, which can lead to a heap overwrite.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| cve@mitre.org | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
A vulnerability in Samsung Exynos Modem 5300 allows a Man-in-the-Middle (MITM) attacker to downgrade the security mode of packets going to the victim, enabling the attacker to send messages to the victim in plaintext.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 5.3 | MEDIUM | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N | 1.6 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_modem_5300_firmware | - |
A vulnerability was discovered in SS in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, and Exynos Modem 5300 that involves a NULL pointer dereference which can cause abnormal termination of a mobile phone via a manipulated packet.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 5.3 | MEDIUM | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H | 1.6 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check states specified by the RRC (Radio Resource Control) module. This can lead to disclosure of sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.2 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, and Exynos Modem 5300. The baseband software does not properly check states specified by the RRC (Radio Resource Control) Reconfiguration message. This can lead to disclosure of sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.2 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_auto_t5123_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, and Exynos Modem 5300 that involves incorrect authorization of LTE NAS messages and leads to downgrading to lower network generations and repeated DDOS.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Magician 8.0.0 on macOS. Because symlinks are used during the installation process, an attacker can escalate privileges via arbitrary file permission writes. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.)
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magician | 8.0.0 |
An issue was discovered in Samsung Magician 8.0.0 on macOS. Because it is possible to tamper with the directory and executable files used during the installation process, an attacker can escalate privileges through arbitrary code execution. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.)
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magician | 8.0.0 |
An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks proper buffer length checking, which can result in an Out-of-Bounds Write.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_2400_firmware | - |
A vulnerability was discovered in Samsung Mobile Processors Exynos 2200 and Exynos 2400 where they lack a check for the validation of native handles, which can result in a DoS(Denial of Service) attack by unmapping an invalid length.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2400_firmware | - |
An issue was discovered in Samsung Mobile Processor EExynos 2200, Exynos 1480, Exynos 2400. It lacks a check for the validation of native handles, which can result in an Out-of-Bounds Write.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.8 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H | 2.5 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_2400_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks a check for the validation of native handles, which can result in code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_2400_firmware | - |
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper reference count checking, which can result in a UAF (Use-After-Free) vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper memory deallocation checking, which can result in a UAF (Use-After-Free) vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper length checking, which can result in an OOB (Out-of-Bounds) Write vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
Heap-based Buffer Overflow vulnerability in Samsung Open Source Escargot JavaScript engine allows Overflow Buffers.This issue affects Escargot: 4.0.0.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | escargot | 4.0.0 |
Improper access control in system property prior to SMR Jul-2024 Release 1 allows local attackers to get device identifier.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper access control in launchApp of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper access control in KnoxCustomManagerService prior to SMR Jul-2024 Release 1 allows local attackers to configure Knox privacy policy.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper input validation in parsing application information from RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper input validation혻in parsing RTCP SR packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H | 1.6 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper input validation in parsing RTCP RR packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H | 1.6 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper input validation혻in parsing an item type from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L | 2.8 | 1.4 |
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H | 1.6 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper input validation in parsing an item data from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L | 2.8 | 1.4 |
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H | 1.6 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper input validation in parsing RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H | 1.6 | 3.6 |
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper input validation in parsing and distributing RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Exposure of sensitive information in proc file system prior to SMR Jul-2024 Release 1 allows local attackers to read kernel memory address.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper access control in clickAdapterItem of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.2 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings | * |
Improper input validation in Samsung Health prior to version 6.27.0.113 allows local attackers to write arbitrary document files to the sandbox of Samsung Health. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | health | * |
Improper export of component in GoodLock prior to version 2.2.04.95 allows local attackers to install arbitrary applications from Galaxy Store.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.7 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H | 2.5 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | good_lock | * |
Improper input validation in Tips prior to version 6.2.9.4 in Android 14 allows local attacker to send broadcast with Tips' privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | tips | * |
Improper verification of intent by broadcast receiver vulnerability in Samsung Flow prior to version 4.9.13.0 allows local attackers to copy image files to external storage.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L | 1.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | flow | * |
Improper verification of intent by broadcast receiver vulnerability in GalaxyStore prior to version 4.5.81.0 allows local attackers to launch unexported activities of GalaxyStore.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | 1.8 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
| samsung | galaxystore | * |
Use of implicit intent for sensitive communication in Samsung Messages prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper access control in Samsung Message prior to SMR Jul-2024 Release 1 allows local attackers to access location data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 13.0 |
Improper access control in ActivityManager prior to SMR Oct-2024 Release 1 in select Android 12, 13 and SMR Sep-2024 Release 1 in select Android 14 allows local attackers to execute privileged behaviors.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds write in parsing h.264 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds write in parsing h.264 format in a specific mode in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds write in parsing h.265 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds write in parsing h.263 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds write in parsing h.263+ format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Use of implicit intent for sensitive communication in Sound Assistant prior to version 6.1.0.9 allows local attackers to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sound_assistant | * |
Use of implicit intent for sensitive communication in translation혻in Samsung Internet prior to version 26.0.3.1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Improper input validation in SamsungVideoPlayer prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows local attackers to access video file of other users.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | video_player | * |
Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to temporarily access to unlocked screen.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
Out-of-bounds write in parsing subtitle file in libsubextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds write in libsapeextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
Use of implicit intent for sensitive communication in WlanTest prior to SMR Nov-2024 Release 1 allows local attackers to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the directory and DLL files used during the installation process. This occurs because of an Untrusted Search Path.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 6.3 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.3 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magician | 8.0.0 |
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, Modem 5123, and Modem 5300. The baseband software does not properly check the length specified by the MM (Mobility Management) module, which can lead to Denial of Service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 7.0 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H | 2.2 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300. The baseband software does not properly check the length specified by the CC (Call Control). This can lead to an Out-of-Bounds write.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in the m2m scaler driver in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850,and W920. A Use-After-Free in the mobile processor leads to privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_9820_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, and 2400. A lack of a JPEG length check leads to an out-of-bound write.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with chipset Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, Modem 5123, and Modem 5300. A USAT out-of-bounds write due to a heap buffer overflow can lead to a Denial of Service.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, Modem 5123, Modem 5300. There is an out-of-bounds write due to a heap overflow in the GPRS protocol.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 850, 1080, 2100, and 1280. Lack of a length check leads to a stack out-of-bounds write at loadOutputBuffers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_9820_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 850, 1080, 2100, and 1280. Lack of a length check leads to a stack out-of-bounds write at loadInputBuffers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_9820_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor and Modem Exynos 9820, 9825, 980, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W1000, Modem 5123, Modem 5300, Modem 5400. UE does not limit the number of attempts for the RRC Setup procedure in the 5G SA, leading to a denial of service (battery-drain attack).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_modem_5400_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_parser_bos in the Xclipse Driver.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1480_firmware | - |
| samsung | exynos_2400_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_ib_fill in the Xclipse Driver.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_2400_firmware | - |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, and Modem 5300. The UE incorrectly handles a malformed uplink scheduling message, resulting in an information leak of the UE.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.3 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 0.9 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in the GPU in Samsung Mobile Processor Exynos 1480 and 2400. Type confusion leads to a Denial of Service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1480_firmware | - |
| samsung | exynos_2400_firmware | - |
An issue was discovered in Wi-Fi in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Lack of a boundary check in STOP_KEEP_ALIVE_OFFLOAD leads to out-of-bounds access.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 13.0 |
Improper input validation in Dressroom prior to SMR Nov-2024 Release 1 allow physical attackers to access data across multiple user profiles.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
Out-of-bounds write in libswmfextractor.so prior to SMR Dec-2024 Release 1 allows local attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Path Traversal in ThemeCenter prior to SMR Dec-2024 Release 1 allows physical attackers to copy apk files to arbitrary path with ThemeCenter privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 0.7 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper Verification of Cryptographic Signature in SmartSwitch prior to SMR Dec-2024 Release 1 allows local attackers to install malicious applications.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L | 1.6 | 5.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 13.0 |
Authentication Bypass Using an Alternate Path in Dex Mode prior to SMR Dec-2024 Release 1 allows physical attackers to temporarily access to recent app list.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Use of implicit intent for sensitive communication in SmartThings prior to version 1.8.21 allows local attackers to get sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings | * |
Use of implicit intent for sensitive communication in Smart Touch Call prior to 1.0.0.8 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 2.0 | LOW | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N | 0.6 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_touch_call | * |
Path traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14 allows adjacent attackers to write file in arbitrary location.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | quick_share | * |
Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.2 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L | 0.5 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 13.0 |
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Lack of a boundary check in STOP_KEEP_ALIVE_OFFLOAD leads to out-of-bounds access. An attacker can send a malformed message to the target through the Wi-Fi driver.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of a boundary check during the decoding of DL NAS Transport messages leads to a Denial of Service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_modem_5400_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of boundary check during the decoding of Registration Accept messages can lead to out-of-bounds writes on the stack
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_9820_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_modem_5400_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve@mitre.org | 2.8 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N | 1.3 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magician | 8.1.0 |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The absence of a NULL check leads to a Denial of Service when an attacker sends malformed MM packets to the target.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_modem_5400_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000. The lack of a length check leads to out-of-bounds writes via malformed USB packets to the target.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds access via malformed RRC packets to the target.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_modem_5400_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion.This issue affects rLottie: V0.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | rlottie | 0.2 |
Out-of-bounds write in accessing buffer storing the decoded video frames in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.0 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds write in accessing uninitialized memory for svc1td in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.0 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper access control in SoundPicker prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper access control in Samsung Message prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds write in softsim trustlet prior to SMR Jan-2025 Release 1 allows local privileged attackers to cause memory corruption.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| mobile.security@samsung.com | 6.4 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Inclusion of sensitive information in test code in softsim trustlet prior to SMR Jan-2025 Release 1 allows local privileged attackers to get test key.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
| mobile.security@samsung.com | 4.1 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds read in accessing table used for svp8t in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L | 1.0 | 4.2 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds write in handling the block size for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.0 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds read in decoding malformed bitstream for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L | 1.0 | 4.2 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds write in decoding frame buffer in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.0 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds read in decoding malformed bitstream of video thumbnails in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L | 1.0 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Protection Mechanism Failure in bootloader prior to SMR Jan-2025 Release 1 allows physical attackers to allow to execute fastboot command. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N | 0.7 | 5.2 |
| nvd@nist.gov | 5.9 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N | 0.7 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 13.0 |
Improper access control in NotificationManager prior to SMR Jan-2025 Release 1 allows local attackers to change the configuration of notifications.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
| nvd@nist.gov | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
Improper access control in Samsung Email prior to version 6.1.97.1 allows physical attackers to access data across multiple user profiles.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | * |
Authentication Bypass Using an Alternate Path in Galaxy Store prior to version 4.5.87.6 allows physical attackers to install arbitrary applications to bypass restrictions of Setupwizard.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.2 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | 0.7 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Use of implicit intent for sensitive communication in EasySetup prior to version 11.1.18 allows local attackers to access sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | easysetup | * |
Improper input validation in Samsung Members prior to version 5.2.00.12 allows physical attackers to access data across multiple user profiles.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | members | * |
Out-of-bounds write in Blockchain Keystore prior to version 1.3.16.5 allows local privileged attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L | 0.8 | 5.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | blockchain_keystore | * |
Out-of-bounds read in Blockchain Keystore prior to version 1.3.16.5 allows local privileged attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | blockchain_keystore | * |
Improper access control in SecSettingsIntelligence prior to SMR Mar-2025 Release 1 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | 1.3 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Out-of-bounds write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to cause memory corruption.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| mobile.security@samsung.com | 6.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L | 0.8 | 5.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Out-of-bounds read and write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to read and write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L | 0.8 | 5.5 |
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Improper privilege management in Samsung Find prior to SMR Feb-2025 Release 1 allows local privileged attackers to disable Samsung Find.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H | 1.5 | 4.0 |
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H | 0.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 12.0 |
| samsung | android | 13.0 |
Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
Use of implicit intent for sensitive communication in Settings prior to SMR Mar-2025 Release 1 allows local attackers to access sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar-2025 Release 1 allows local attackers to access data in Galaxy Watch Gallery.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | 5.0 |
Improper access control in sem_wifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update MAC address of Galaxy Watch.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N | 0.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | 5.0 |
Incorrect default permission in DiagMonAgent prior to SMR Mar-2025 Release 1 allows local attackers to access data within Galaxy Watch.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | 5.0 |
Out-of-bounds read in applying binary of drawing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds read in applying binary of hand writing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds read in applying binary of pdf content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds read in applying extra data of base content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds read in applying binary of video content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds read in action link data in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds read in appending text paragraph in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Improper access control in Samsung Notes prior to version 4.4.26.71 allows physical attackers to access data across multiple user profiles.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds read in applying binary of text data in Samsung Notes prior to version 4.4.26.71 allows local attackers to potentially read memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Improper export of Android application components in My Files prior to version 15.0.07.5 in Android 14 allows local attackers to access files with My Files' privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | myfiles | * |
Out-of-bounds read in parsing image data in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds read in parsing wbmp image in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L | 2.5 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds read in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L | 2.5 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to혻read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds read in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Improper access control in Sticker Center prior to SMR Apr-2025 Release 1 allows local attackers to access image files with system privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
| samsung | android | 14.0 |
Improper access control in HDCP trustlet prior to SMR Apr-2025 Release 1 allows local attackers with shell privilege to escalate their privileges to root.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Out-of-bounds write in Keymaster trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical attackers to update device unique identifier of Watch devices.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.4 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L | 0.7 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | 5.0 |
Improper access control in InputManager to SMR Apr-2025 Release 1 allows local attackers to access the scancode of specific input device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper Verification of Intent by Broadcast Receiver in DeviceIdService prior to SMR Apr-2025 Release 1 allows local attackers to reset OAID.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Out-of-bounds write in secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to cause memory corruption.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H | 0.8 | 3.6 |
| mobile.security@samsung.com | 6.4 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Out-of-bounds read in parsing audio data in libsavsac.so prior to SMR Apr-2025 Release 1 allows local attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H | 1.8 | 5.2 |
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper access control in Galaxy Watch prior to SMR Apr-2025 Release 1 allows local attackers to access sensitive information of Galaxy watch.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | 5.0 |
Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025 Release 1 allows local attackers to pair with specific bluetooth devices without user interaction.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | 5.0 |
Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025 Release 1 allows local attackers to access image files across multiple users. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Out-of-bounds read in enrollment with cdsp frame secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H | 1.8 | 5.2 |
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Path traversal vulnerability in Samsung Members prior to version 5.0.00.11 allows attackers to read and write arbitrary file with the privilege of Samsung Members.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | members | * |
Use of implicit intent for sensitive communication in SamsungNotes prior to version 4.4.26.45 allows local attackers to access sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.90.7 allows local attackers to write arbitrary files with the privilege of Galaxy Store.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Improper access control in Mdecservice prior to SMR Apr-2025 Release 1 allows local attackers to access arbitrary files with system privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 15.0 |
Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch activities within SmartManagerCN.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 2.5 | 2.5 |
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N | 1.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Use of implicit intent for sensitive communication in EnrichedCall prior to SMR May-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification images.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper export of android application components in Settings in Galaxy Watch prior to SMR May-2025 Release 1 allows physical attackers to access developer settings.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 0.7 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | 5.0 |
Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch arbitrary activities with SmartManagerCN privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L | 2.5 | 4.7 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper verification of intent by broadcast receiver in UnifiedWFC prior to SMR May-2025 Release 1 allows local attackers to manipulate VoWiFi related behaviors.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Use of implicit intent for sensitive communication in Wi-Fi P2P service prior to SMR May-2025 Release 1 allows local attackers to access sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 2.5 | 2.5 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper handling of insufficient permission in CocktailBarService prior to SMR May-2025 Release 1 allows local attackers to use the privileged api.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper handling of insufficient permission or privileges in sepunion service prior to SMR May-2025 Release 1 allows local privileged attackers to access files with system privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper handling of insufficient permission in SpenGesture service prior to SMR May-2025 Release 1 allows local attackers to track the S Pen position.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Out-of-bounds write in memory initialization in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L | 1.8 | 4.7 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Out-of-bounds write in parsing media files in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L | 1.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper handling of insufficient permission in Bixby wakeup prior to version 2.3.74.8 allows local attackers to access sensitive data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | bixby | * |
Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows physical attackers to access data across multiple user profiles.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gallery | * |
Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows attackers to read and write arbitrary file with the privilege of Samsung Gallery.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gallery | * |
Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows remote attackers to access data and perform internal operations within Samsung Gallery.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N | 3.9 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gallery | * |
Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows local attackers to access data within Samsung Gallery.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | gallery | * |
Improper input validation in Samsung Flow prior to version 4.9.17.6 allows local attackers to access data within Samsung Flow.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | flow | * |
Improper verification of intent by broadcast receiver in Samsung Flow prior to version 4.9.17.6 allows local attackers to modify Samsung Flow configuration.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | flow | * |
Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 allows attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Improper access control in AudioService prior to SMR Jun-2025 Release 1 allows local attackers to access sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| mobile.security@samsung.com | 6.4 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.4 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.5 | 5.9 |
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to access data in Samsung Cloud for Galaxy Watch.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.8 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N | 2.5 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | 5.0 |
Improper privilege management in ThemeManager prior to SMR Jun-2025 Release 1 allows local privileged attackers to reuse trial items.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper access control in ScreenCapture for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to take screenshots.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | 5.0 |
Improper access control in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a auth_token.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.2 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:L | 0.5 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Out-of-bounds read in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper logging in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a hmac_key.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.2 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:L | 0.5 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper access control in accessing system device node prior to SMR Aug-2025 Release 1 allows local attackers to access device identifier.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper export of Android application components in Bluetooth prior to SMR Jun-2025 Release 1 allows local attackers to make devices discoverable.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Out-of-bound read in libsecimaging.camera.samsung.so prior to SMR Feb-2025 Release 1 allows local attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Out-of-bounds write in libsecimaging.camera.samsung.so prior to SMR Jun-2025 Release 1 allows local attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper handling of insufficient permission in SyncClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to access read and write arbitrary files.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.5 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L | 1.0 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Improper handling of insufficient permission in ClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to read and write arbitrary files.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.9 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L | 1.4 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Improper authorization in Smart Switch installed on non-Samsung Device prior to version 3.7.64.10 allows local attackers to read data with the privilege of Smart Switch. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N | 1.3 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch | * |
Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | 5.0 |
Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | 5.0 |
Improper authorization in accessing saved Wi-Fi password for Galaxy Tablet prior to SMR Jul-2025 Release 1 allows secondary users to access owner's saved Wi-Fi password.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 2.1 | LOW | CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 0.7 | 1.4 |
| mobile.security@samsung.com | 4.1 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N | 0.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper privilege management in Bluetooth prior to SMR Jul-2025 Release 1 allows local attackers to enable Bluetooth.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to stop broadcasting Auracast.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.5 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to manipulate broadcasting Auracast.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows local attackers to access sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | 5.0 |
Improper access control in isemtelephony prior to Android 15 allows local attackers to access sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
Out-of-bounds write in handling of macro blocks for MPEG4 codec in libsavsvc.so prior to Android 15 allows local attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.0 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
Out-of-bounds write in accessing uninitialized memory in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
Out-of-bounds read in decoding frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
Out-of-bounds read in decoding malformed frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
Improper privilege management in SamsungAccount prior to SMR Aug-2025 Release 1 allows local privileged attackers to deactivate Samsung account.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H | 1.5 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Improper export of android application component in Emergency SoS prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 0.7 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Path Traversal in Document scanner prior to SMR Aug-2025 Release 1 allows local attackers to delete file with Document scanner's privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 15.0 |
Out-of-bounds write in detaching crypto box in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L | 0.8 | 5.5 |
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | blockchain_keystore | * |
Out-of-bounds read in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to read out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | blockchain_keystore | * |
Improper authorization in Samsung Health prior to version 6.30.1.003 allows local attackers to access data in Samsung Health. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | health | * |
Out-of-bounds write in creating bitmap images in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| mobile.security@samsung.com | 5.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N | 0.5 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | blockchain_keystore | * |
Out-of-bounds write in drawing pinpad in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
| mobile.security@samsung.com | 5.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N | 0.5 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | blockchain_keystore | * |
Improper access control in Galaxy Wearable prior to version 2.2.63.25042861 allows local attackers to access sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_wearable | * |
Improper access control in MARsExemptionManager prior to SMR Sep-2025 Release 1 allows local attackers to be excluded from background execution management.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Improper handling of insufficient permission in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to interrupt the call.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Improper verification of intent by broadcast receiver in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to temporarily disable the SIM.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L | 1.8 | 2.5 |
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Improper privilege management in ThemeManager prior to SMR Sep-2025 Release 1 allows local privileged attackers to reuse trial items.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 15.0 |
| samsung | android | 16.0 |
Improper handling of insufficient permission in System UI prior to SMR Sep-2025 Release 1 allows local attackers to send arbitrary replies to messages from the cover display.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Improper access control in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to use the privileged APIs.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.8 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 2.5 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Improper access control in One UI Home prior to SMR Sep-2025 Release 1 allows physical attackers to bypass Kiosk mode under limited conditions.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H | 0.7 | 5.2 |
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
Improper access control in ContactProvider prior to SMR Sep-2025 Release 1 allows local attackers to access sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
Out-of-bounds write in libsavsvc.so prior to SMR Sep-2025 Release 1 allows local attackers to potentially execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Improper access control in Samsung Calendar prior to version 12.5.06.5 in Android 14 and 12.6.01.12 in Android 15 allows physical attackers to access data across multiple user profiles.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | calendar | * |
Improper access control in Samsung Notes prior to version 4.4.30.63 allows local privileged attackers to access exported note files. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N | 1.3 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Improper access control in Samsung Notes prior to version 4.4.30.63 allows physical attackers to access data across multiple user profiles. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.1 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N | 0.5 | 3.6 |
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 0.7 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Improper verification of intent by SamsungExceptionalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sassistant | * |
Improper verification of intent by SystemExceptionalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sassistant | * |
Improper verification of intent by ExternalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 2.5 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | sassistant | * |
Insecure Storage of Sensitive Information in Secure Folder prior to Android 16 allows local attackers to access sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | * |
Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2025 Release 1 allows remote attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| mobile.security@samsung.com | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Out-of-bounds write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Out-of-bounds write in fingerprint trustlet prior to SMR Oct-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.8 | 3.6 |
| mobile.security@samsung.com | 5.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N | 0.5 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Insecure storage of sensitive information in Galaxy Watch prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | wear_os | 5.0 |
Improper access control in WindowManager in Samsung DeX prior to SMR Oct-2025 Release 1 allows physical attackers to temporarily access to recent app list.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 2.4 | LOW | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 0.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Improper access control in KnoxGuard prior to SMR Oct-2025 Release 1 allows physical attackers to use the privileged APIs.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.2 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L | 0.9 | 4.2 |
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
Relative path traversal in Knox Enterprise prior to SMR Oct-2025 Release 1 allows local attackers to execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Improper access control in SecSettings prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 15.0 |
| samsung | android | 16.0 |
Improper input validiation in Contacts prior to SMR Oct-2025 Release 1 allows local attackers to access data across multiple user profiles.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N | 2.5 | 4.0 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 13.0 |
Out-of-bounds write in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Out-of-bounds write under specific condition in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Out-of-bounds write in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Out-of-bounds read in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to potentially access out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Out-of-bounds read and write in libimagecodec.quram.so prior to SMR Oct-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Use of implicit intent for sensitive communication in Samsung Notes prior to version 4.4.30.63 allows local attackers to access shared notes.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Improper authorization in Samsung Health prior to version 6.30.5.105 allows local attackers to access data in Samsung Health.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | health | * |
Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access backup data from applications. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch | * |
Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access sensitive data. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H | 1.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch | * |
Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.67.2 allows local attackers to replace the restoring application. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch | * |
Improper access control in Samsung Voice Recorder prior to version 21.5.73.12 in Android 15 and 21.5.81.40 in Android 16 allows physical attackers to access recording files on the lock screen.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.6 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | voice_recorder | * |
Improper authentication in Smart Switch prior to version 3.7.66.6 allows adjacent attackers to access transferring data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch | * |
Out-of-bounds read in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H | 1.8 | 5.2 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds read in the allocation of image buffer in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H | 1.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds read in the reading of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H | 1.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds read in the parsing of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H | 1.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds write in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | notes | * |
Out-of-bounds write in handling opcode in fingerprint trustlet prior to SMR Nov-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N | 0.5 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.7 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N | 0.5 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Insecure default configuration in USB connection mode prior to SMR Nov-2025 Release 1 allows privileged physical attackers to access user data. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.8 | MEDIUM | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N | 1.6 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Out-of-bounds read in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Out-of-bounds write in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Improper handling of insufficient permissions or privileges in Samsung Account prior to version 15.5.00.18 allows local attackers to access data in Samsung Account. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Improper input validation in Samsung Email prior to version 6.2.06.0 allows local attackers to launch arbitrary activity with Samsung Email privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | * |
Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch | * |
Improper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H | 2.8 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | members | * |
Improper export of android application components in Dynamic Lockscreen prior to SMR Dec-2025 Release 1 allows local attackers to access files with Dynamic Lockscreen's privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 15.0 |
| samsung | android | 16.0 |
Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Samsung SmartThings. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Hub Local API service, which listens on TCP port 8766 by default. The issue results from the lack of proper verification of a cryptographic signature. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25615.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smartthings | * |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. A Heap-based Out-of-Bounds Write exists in the GPRS protocol implementation because of a mismatch between the actual length of the payload and the length declared within the payload.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_modem_5400_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. A Double Free in the mobile processor leads to privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. A Double Free in the mobile processor leads to privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 1380. The lack of a length check leads to out-of-bounds writes.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100, 1280, 2200, 1380. A Use-After-Free in the mobile processor leads to privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1480_firmware | - |
| samsung | exynos_2400_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. The absence of a NULL check leads to a Denial of Service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 1380. A Use-After-Free in the mobile processor leads to privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100, 1280, 2200, 1380, 1480 and 2400. A Double Free in the mobile processor leads to privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L | 3.9 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1480_firmware | - |
| samsung | exynos_2400_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 2200. A Use-After-Free in the mobile processor leads to privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_2400_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_2400_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L | 3.9 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1480_firmware | - |
| samsung | exynos_2400_firmware | - |
An issue was discovered in L2 in Samsung Mobile Processor and Modem Exynos 2400 and Modem 5400. The lack of a length check leads to a Denial of Service via a malformed PDCP packet.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | modem_5400_firmware | - |
| samsung | exynos_2400_firmware | - |
An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 9110, W920, W930, Modem 5123, and Modem 5300. Incorrect handling of RLC AM PDUs leads to a Denial of Service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | modem_5400_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 9110, W920, W930, Modem 5123, and Modem 5300. Incorrect handling of RLC AM PDUs leads to a Denial of Service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | modem_5400_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, W1000, Modem 5300, and Modem 5400. Incorrect handling of undefined values leads to a Denial of Service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_modem_5400_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in the Secure Boot component in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850, 1080, 1280, 2200, 1330, 1380, 1480, 2400. The lack of a length check leads to out-of-bounds writes.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_9820_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_9825_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes via malformed NAS packets.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | modem_5300_firmware | - |
| samsung | modem_5400_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds reads via malformed NAS packets.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_modem_5400_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Magician 6.3 through 8.3 on Windows. An attacker can achieve Elevation of Privileges to SYSTEM by exploiting insecure file delete operations during the update process.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magician | * |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A programming mistake for buffer copy leads to out-of-bounds writes via malformed ROHC packets.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | modem_5300_firmware | - |
| samsung | modem_5400_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
Samsung Internet for Galaxy Watch version 5.0.9, available up until Samsung Galaxy Watch 3, does not properly validate TLS certificates, allowing for an attacker to impersonate any and all websites visited by the user. This is a critical misconfiguration in the way the browser validates the identity of the server. It negates the use of HTTPS as a secure channel, allowing for Man-in-the-Middle attacks, stealing sensitive information or modifying incoming and outgoing traffic. NOTE: This vulnerability is in an end-of-life product that is no longer maintained by the vendor.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.2 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | 5.0.9 |
Harman Becker MGU21 Bluetooth Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Harman Becker MGU21 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Bluetooth stack of the BCM89359 chipset. The issue results from the lack of proper validation of Bluetooth frames. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-23942.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | harman_mgu21_firmware | mgu21_22-07 |
An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2400, 1580, 9110, W920, W930, Modem 5123, and Modem 5400. Incorrect handling of RRC packets leads to a Denial of Service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | modem_5400_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | modem_5123_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_980_firmware | - |
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
In RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400, the lack of a length check leads to out-of-bounds writes.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | modem_5300_firmware | - |
| samsung | modem_5400_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
In Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000, there is an improper access control vulnerability related to a log file.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 9110, Modem 5123. Mishandling of an 5G NRMM packet leads to a Denial of Service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in the WiFi driver in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580. Mishandling of an NL80211 vendor command leads to a buffer overflow.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_2400_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in the HTS driver results in out-of-bounds memory access, leading to a denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2500_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_2400_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in the HTS driver results in an out-of-bounds write, leading to a denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2500_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_2400_firmware | - |
An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. A race condition in the issimian device driver results in an out-of-bounds access, leading to a denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.1 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H | 1.4 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2500_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. An invalid kernel address dereference in the issimian device driver leads to a denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2500_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. A race condition in the issimian device driver results in a double free, leading to a denial of service.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2500_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, and 2500. Improper validation of user-space input in the issimian device driver leads to information disclosure and a denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H | 1.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2500_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message, issue 1 of 2.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in the GPU in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1330, 1380, 1480, 2400. A Use-After-Free leads to privilege escalation.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
Out-of-bounds Read vulnerability in Samsung Open Source rLottie allows Overflow Buffers.This issue affects rLottie: V0.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | rlottie | 0.2 |
Improper Input Validation vulnerability in Samsung Open Source rLottie allows Path Traversal.This issue affects rLottie: V0.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | rlottie | 0.2 |
Improper Input Validation vulnerability in Samsung Open Source rLottie allows Overread Buffers.This issue affects rLottie: V0.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | rlottie | 0.2 |
An execution after redirect in Samsung DMS(Data Management Server) allows attackers to execute limited functions without permissions. An attacker could compromise the integrity of the platform by executing this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | data_management_server_firmware | * |
Deserialization of Untrusted Data in Samsung DMS(Data Management Server) allows attackers to execute arbitrary code via write file to system
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| PSIRT@samsung.com | 8.0 | HIGH | CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H | 1.3 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | data_management_server_firmware | * |
Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) to read sensitive files
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 4.9 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 1.2 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | data_management_server_firmware | * |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Samsung DMS(Data Management Server) allows authenticated attackers to create arbitrary files in unintended locations on the filesystem
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
| PSIRT@samsung.com | 7.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H | 1.6 | 5.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | data_management_server_firmware | * |
An 'Arbitrary File Creation' in Samsung DMS(Data Management Server) allows attackers to create arbitrary files in unintended locations on the filesystem. Exploitation is restricted to specific, authorized private IP addresses.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 6.4 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H | 0.9 | 5.5 |
| nvd@nist.gov | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | data_management_server_firmware | * |
An 'Arbitrary File Deletion' in Samsung DMS(Data Management Server) allows attackers to delete arbitrary files from unintended locations on the filesystem. Exploitation is restricted to specific, authorized private IP addresses.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H | 3.9 | 5.2 |
| PSIRT@samsung.com | 6.1 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H | 0.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | data_management_server_firmware | * |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to decode the SOR transparent container lacks bounds checking, which can cause a fatal error.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | modem_5300_firmware | - |
| samsung | modem_5400_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | modem_5123_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2500_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, and 1580. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow during handling of an IOCTL message.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_2400_firmware | - |
An issue was discovered in the camera in Samsung Mobile Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, and 1580. Improper debug printing leads to information leakage.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1080, 1280, 2200, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000. A race condition in the VTS driver results in an out-of-bounds read, leading to an information leak.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_2500_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1380, W920, W930, W1000. Improper input validation in the VTS driver leads to an arbitrary write.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A Stack-based Buffer Overflow occurs while parsing SMS RP-DATA messages.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 10.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | 3.9 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2500_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_modem_5400_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to send a multiple-payloads message (including an SMS message) lacks bounds checking, which can lead to a heap overflow.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | modem_5300_firmware | - |
| samsung | modem_5400_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | modem_5123_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2500_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Out-of-bounds Read of q->bufs[] in the __is_done_for_me function.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | * |
An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Untrusted Pointer Dereference of src_hdr in the copy_ncp_header function.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | * |
An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is a NULL Pointer Dereference of profiler.node in the npu_vertex_profileoff function.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | * |
An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Invalid Pointer Dereference of node in the get_vs4l_profiler_node function.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | * |
An issue was discovered in the NPU driver in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, 2500. There is a NULL Pointer Dereference of hdev in the __npu_vertex_bootup function.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2500_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in the GPU driver in Samsung Mobile Processor Exynos 1480, 2400, 1580, 2500. There is a use-after-free in the Xclipse GPU Driver.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2500_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_2400_firmware | - |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 8.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N | 3.9 | 4.2 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| PSIRT@samsung.com | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| PSIRT@samsung.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Improper Control of Generation of Code ('Code Injection') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 3.9 | 3.4 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| PSIRT@samsung.com | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| PSIRT@samsung.com | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 3.9 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 3.9 | 5.2 |
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem (Exynos 980, 850, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 1680, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400, and Modem 5410). The absence of proper input validation leads to a Denial of Service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_modem_5300_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1680_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2500_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_2100_firmware | - |
| samsung | exynos_modem_5410_firmware | - |
| samsung | exynos_modem_5400_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a temporary folder with weak permissions during installation, allowing a non-admin user to perform DLL hijacking and escalate privileges.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magician | * |
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/send_delts write operation, leading to kernel memory exhaustion.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/ap_cert_disable_ht_vht write operation, leading to kernel memory exhaustion.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/uapsd write operation, leading to kernel memory exhaustion.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/create_tspec write operation, leading to kernel memory exhaustion.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation in a /proc/driver/unifi0/conn_log_event_burst_to_us write operation, leading to kernel memory exhaustion.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/ap_certif_11ax_mode write operation, leading to kernel memory exhaustion.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/send_addts write operation, leading to kernel memory exhaustion.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/p2p_certif write operation, leading to kernel memory exhaustion.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/confg_tspec write operation, leading to kernel memory exhaustion.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_w930_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_980_firmware | - |
| samsung | exynos_1330_firmware | - |
| samsung | exynos_1280_firmware | - |
Improper input validation in libsec-ril.so prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L | 0.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Out-of-bounds read vulnerability in bootloader prior to SMR Dec-2025 Release 1 allows physical attackers to access out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.2 | MEDIUM | CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 0.5 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Out-of-bounds write in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Out-of-bounds read in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Heap-based buffer overflow in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Improper access control in MPRemoteService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | 1.3 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | motionphoto | * |
Improper access control in MPLocalService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 7.3 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | 1.3 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | motionphoto | * |
Improper export of android application components in Galaxy Store for Galaxy Watch prior to version 1.0.06.29 allows local attacker to install arbitrary application on Galaxy Store.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 2.5 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Improper input validation in Samsung Internet prior to version 29.0.0.48 allows local attackers to inject arbitrary script.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | internet | * |
Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Improper authorization in Samsung Account prior to version 15.5.01.1 allows local attacker to launch arbitrary activity with Samsung Account privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L | 2.5 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | account | * |
Improper verification of source of a communication channel in SmartTouchCall prior to version 1.0.1.1 allows remote attackers to access sensitive information. User interaction is required for triggering this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 4.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_touch_call | 1.0.1.1 |
An issue was discovered in Samsung Mobile Processor, Wearable Processor and Modem Exynos 980, 990, 850, 1080, 9110, W920, W930, W1000 and Modem 5123. Incorrect handling of NAS Registration messages leads to a Denial of Service because of Improper Handling of Exceptional Conditions.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_w930_firmware | - |
| samsung | exynos_850_firmware | - |
| samsung | exynos_1080_firmware | - |
| samsung | exynos_w1000_firmware | - |
| samsung | exynos_990_firmware | - |
| samsung | exynos_modem_5123_firmware | - |
| samsung | exynos_w920_firmware | - |
| samsung | exynos_9110_firmware | - |
| samsung | exynos_980_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, and 2400. A NULL pointer dereference of ft_handle in load_fw_utc_vector() causes a denial of service.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of npu_proto_drv.ast.thread_ref in set_cpu_affinity() causes a denial of service.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2500_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_2400_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. Unvalidated VS4L_VERTEXIOC_BOOTUP input leads to a denial of service.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2500_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of session->ncp_hdr_buf in __pilot_parsing_ncp() causes a denial of service.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_1380_firmware | - |
| samsung | exynos_2500_firmware | - |
| samsung | exynos_2200_firmware | - |
| samsung | exynos_1480_firmware | - |
| samsung | exynos_1580_firmware | - |
| samsung | exynos_2400_firmware | - |
| samsung | exynos_1280_firmware | - |
An issue was discovered in LBS in Samsung Mobile Processor Exynos 2200. There was no check for memory initialization within DL NAS Transport messages.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | exynos_2200_firmware | - |
Use after free in DualDAR prior to SMR Jan-2026 Release 1 allows local privileged attackers to execute arbitrary code.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Improper input validation in SecSettings prior to SMR Jan-2026 Release 1 allows local attacker to access file with system privilege. User interaction is required for triggering this vulnerability.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Improper access control in SLocation prior to SMR Jan-2026 Release 1 allows local attackers to execute the privileged APIs.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 15.0 |
| samsung | android | 16.0 |
Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Improper Export of Android Application Components in UwbTest prior to SMR Jan-2026 Release 1 allows local attackers to enable UWB.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Out-of-bounds read in libimagecodec.quram.so prior to SMR Jan-2026 Release 1 allows remote attacker to access out-of-bounds memory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| mobile.security@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Improper input validation in data related to network restrictions prior to SMR Jan-2026 Release 1 allows physical attackers to bypass Carrier Relock.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Improper handling of insufficient permission in Samsung Cloud prior to version 5.6.11 allows local attackers to access specific files in arbitrary path.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | cloud | * |
Improper input validation in Galaxy Store prior to version 4.6.02 allows local attacker to execute arbitrary script.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Improper access control in Emergency Sharing prior to SMR Feb-2026 Release 1 allows local attackers to interrupt its functioning.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
Improper authorization in KnoxGuardManager prior to SMR Feb-2026 Release 1 allows local attackers to bypass the persistence configuration of the application.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
| samsung | android | 13.0 |
Improper privilege management in Settings prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Settings privilege.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 15.0 |
| samsung | android | 16.0 |
Improper input validation in PACM prior to SMR Feb-2026 Release 1 allows physical attacker to execute arbitrary commands.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
Improper input validation in FacAtFunction prior to SMR Feb-2026 Release 1 allows privileged physical attacker to execute arbitrary command with system privilege.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
| samsung | android | 16.0 |
Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | android | 14.0 |
| samsung | android | 15.0 |
Improper input validation in Samsung Members prior to version 5.6.00.11 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | members | * |
Path traversal in Samsung Members prior to Chinese version 15.5.05.4 allows local attackers to overwrite data within Samsung Members.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | members | * |
Improper export of android application components in Samsung Assistant prior to version 9.3.10.7 allows local attacker to access saved information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | assistant | * |
Exposure of sensitive functionality to an unauthorized actor in Smart Switch prior to version 3.7.69.15 allows remote attackers to set a specific configuration.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch | * |
Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.69.15 allows remote attackers to configure a downgraded scheme for authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch | * |
Improper verification of cryptographic signature in Smart Switch prior to version 3.7.69.15 allows remote attackers to potentially bypass authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch | * |
Improper authentication in Smart Switch prior to version 3.7.69.15 allows remote attackers to bypass authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch | * |
Authentication bypass by replay in Smart Switch prior to version 3.7.69.15 allows remote attackers to trigger privileged functions.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch | * |
Improper access control in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to install arbitrary application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | galaxy_store | * |
Improper authentication in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to trigger a denial of service.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch | * |
Path traversal in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to overwrite arbitrary files with Smart Switch privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | smart_switch | * |
A vulnerability in MagicInfo9 Server allows authorized users to upload HTML files without authentication, leading to Stored XSS, which can result in account takeover This issue affects MagicINFO 9 Server: less than 21.1090.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
An unauthenticated user can upload arbitrary files to execute remote code, leading to privilege escalation in MagicInfo9 Server. This issue affects MagicINFO 9 Server: less than 21.1090.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
The database account and password are hardcoded, allowing login with the account to manipulate the database in MagicInfo9 Server.This issue affects MagicINFO 9 Server: less than 21.1090.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | magicinfo_9_server | * |
Potential Integer overflow in tensor allocation size calculation could lead to insufficient memory allocation for large tensors in Samsung Open Source ONE. Affected version is prior to commit 1.30.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H | 1.0 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | one | * |
Integer overflow in buffer size calculation could result in out of bounds memory access when handling large tensors in Samsung Open Source ONE. Affected version is prior to commit 1.30.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H | 1.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | one | * |
Integer overflow in output tensor copy size calculation in Samsung Open Source ONE could cause incorrect copy length and memory corruption for oversized tensors. Affected version is prior to commit 1.30.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H | 1.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | one | * |
Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prior to commit 1.30.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H | 1.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | one | * |
Integer overflow in scratch buffer initialization size calculation in Samsung Open Source ONE cause incorrect memory initialization for large intermediate tensors. Affected version is prior to commit 1.30.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 6.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H | 1.8 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | one | * |
Integer overflow in tensor copy size calculation in Samsung Open Source ONE could lead to out of bounds access during loop state propagation. Affected version is prior to commit 1.30.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H | 1.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | one | * |
Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes. Affected version is prior to commit 1.30.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H | 1.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | one | * |
Improper validation of STRING tensor offsets could allows malformed string metadata to trigger out of bounds access during constant tensor import in Samsung Open Source ONE Affected version is prior to commit 1.30.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| PSIRT@samsung.com | 6.6 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H | 1.8 | 4.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| samsung | one | * |