Lucene search

SamsungMobileCVE-2024-34620

HistoryAug 07, 2024 - 2:15 a.m.

CVE-2024-34620

2024-08-0702:15:37

SamsungMobile

web.nvd.nist.gov

improper privilege management

sumennservice

smr aug-2024 release

local attackers

privileged service

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

High

EPSS

Percentile

9.5%

JSON

Improper privilege management in SumeNNService prior to SMR Aug-2024 Release 1 allows local attackers to start privileged service.

Affected configurations

Nvd

Node

samsungandroidMatch13.0-

samsungandroidMatch13.0smr-apr-2022-r1

samsungandroidMatch13.0smr-apr-2023-r1

samsungandroidMatch13.0smr-apr-2024-r1

samsungandroidMatch13.0smr-aug-2022-r1

samsungandroidMatch13.0smr-aug-2023-r1

samsungandroidMatch13.0smr-dec-2021-r1

samsungandroidMatch13.0smr-dec-2022-r1

samsungandroidMatch13.0smr-dec-2023-r1

samsungandroidMatch13.0smr-feb-2022-r1

samsungandroidMatch13.0smr-feb-2023-r1

samsungandroidMatch13.0smr-feb-2024-r1

samsungandroidMatch13.0smr-jan-2022-r1

samsungandroidMatch13.0smr-jan-2023-r1

samsungandroidMatch13.0smr-jan-2024-r1

samsungandroidMatch13.0smr-jul-2022-r1

samsungandroidMatch13.0smr-jul-2023-r1

samsungandroidMatch13.0smr-jul-2024-r1

samsungandroidMatch13.0smr-jun-2022-r1

samsungandroidMatch13.0smr-jun-2023-r1

samsungandroidMatch13.0smr-jun-2024-r1

samsungandroidMatch13.0smr-mar-2022-r1

samsungandroidMatch13.0smr-mar-2023-r1

samsungandroidMatch13.0smr-mar-2024-r1

samsungandroidMatch13.0smr-may-2022-r1

samsungandroidMatch13.0smr-may-2023-r1

samsungandroidMatch13.0smr-may-2024-r1

samsungandroidMatch13.0smr-nov-2021-r1

samsungandroidMatch13.0smr-nov-2022-r1

samsungandroidMatch13.0smr-nov-2023-r1

samsungandroidMatch13.0smr-oct-2022-r1

samsungandroidMatch13.0smr-oct-2023-r1

samsungandroidMatch13.0smr-sep-2022-r1

samsungandroidMatch13.0smr-sep-2023-r1

samsungandroidMatch14.0-

samsungandroidMatch14.0smr-apr-2022-r1

samsungandroidMatch14.0smr-apr-2023-r1

samsungandroidMatch14.0smr-apr-2024-r1

samsungandroidMatch14.0smr-aug-2022-r1

samsungandroidMatch14.0smr-aug-2023-r1

samsungandroidMatch14.0smr-dec-2021-r1

samsungandroidMatch14.0smr-dec-2022-r1

samsungandroidMatch14.0smr-dec-2023-r1

samsungandroidMatch14.0smr-feb-2022-r1

samsungandroidMatch14.0smr-feb-2023-r1

samsungandroidMatch14.0smr-feb-2024-r1

samsungandroidMatch14.0smr-jan-2022-r1

samsungandroidMatch14.0smr-jan-2023-r1

samsungandroidMatch14.0smr-jan-2024-r1

samsungandroidMatch14.0smr-jul-2022-r1

samsungandroidMatch14.0smr-jul-2023-r1

samsungandroidMatch14.0smr-jul-2024-r1

samsungandroidMatch14.0smr-jun-2022-r1

samsungandroidMatch14.0smr-jun-2023-r1

samsungandroidMatch14.0smr-jun-2024-r1

samsungandroidMatch14.0smr-mar-2022-r1

samsungandroidMatch14.0smr-mar-2023-r1

samsungandroidMatch14.0smr-mar-2024-r1

samsungandroidMatch14.0smr-may-2022-r1

samsungandroidMatch14.0smr-may-2023-r1

samsungandroidMatch14.0smr-may-2024-r1

samsungandroidMatch14.0smr-nov-2021-r1

samsungandroidMatch14.0smr-nov-2022-r1

samsungandroidMatch14.0smr-nov-2023-r1

samsungandroidMatch14.0smr-oct-2022-r1

samsungandroidMatch14.0smr-oct-2023-r1

samsungandroidMatch14.0smr-sep-2022-r1

samsungandroidMatch14.0smr-sep-2023-r1

VendorProductVersionCPE
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-apr-2022-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-apr-2024-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-aug-2022-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-dec-2021-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-dec-2023-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-feb-2022-r1:*:*:*:*:*:*

Vendor	Product	Version	CPE
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:-::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-apr-2022-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-apr-2024-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-aug-2022-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-dec-2021-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-dec-2023-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-feb-2022-r1::::::

Rows per page:

1-10 of 681

CNA Affected

[
  {
    "vendor": "Samsung Mobile",
    "product": "Samsung Mobile Devices",
    "versions": [
      {
        "status": "unaffected",
        "version": "SMR Aug-2024 Release in Android 13, 14"
      }
    ],
    "defaultStatus": "affected"
  }
]

References

security.samsungmobile.com/securityUpdate.smsb?year=2024&month=08

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

High

EPSS

Percentile

9.5%

JSON

Related for CVE-2024-34620