Lucene search

[email protected]CVE-2024-20841

HistoryMar 05, 2024 - 5:15 a.m.

CVE-2024-20841

2024-03-0505:15:12

[email protected]

web.nvd.nist.gov

cve-2024-20841

samsung

insufficient privileges

security vulnerability

nvd

5.1 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

5.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Improper Handling of Insufficient Privileges in Samsung Account prior to version 14.8.00.3 allows local attackers to access data.

CNA Affected

[
  {
    "vendor": "Samsung Mobile",
    "product": "Samnsung Account",
    "versions": [
      {
        "status": "unaffected",
        "version": "14.8.00.3"
      }
    ],
    "defaultStatus": "affected"
  }
]

References

security.samsungmobile.com/serviceWeb.smsb?year=2024&month=03

5.1 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

5.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVE-2024-20841

prion1 nvd1 cvelist1