Lucene search
HistoryOct 24, 2014 - 10:55 a.m.
CVE-2014-8346
cve-2014-8346
samsung
mobile devices
remote controls
denial of service
vulnerability
nvd
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
7.3 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
66.0%
The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic.
Affected configurations
Node
samsungfindmymobileMatch-
samsungmobileMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| samsung:findmymobile | samsung findmymobile | eq | - |
| samsung:mobile | samsung mobile | eq | - |
Related
threatpost
threatpost
Samsung Insists Find My Mobile Service Safe
2014-11-05 14:00:20
nvd
nvd
CVE-2014-8346
2014-10-24 10:55:05
thn
thn
Samsung 'Find My Mobile' Flaw Allows Hacker to Remotely Lock Your Device
2014-10-27 02:00:00
prion
prion
Design/Logic Flaw
2014-10-24 10:55:00
cvelist
cvelist
CVE-2014-8346
2014-10-24 10:00:00
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
7.3 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
66.0%
Related for CVE-2014-8346