Lucene search

K
cvelistZdiCVELIST:CVE-2018-10502
HistorySep 24, 2018 - 11:00 p.m.

CVE-2018-10502

2018-09-2423:00:00
CWE-269
zdi
www.cve.org

0.0004 Low

EPSS

Percentile

15.8%

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 4.2.18.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of a staging mode. The issue lies in the ability to change the configuration based on the presence of a file in an user-controlled location. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5359.

CNA Affected

[
  {
    "product": "Samsung Galaxy Apps",
    "vendor": "Samsung",
    "versions": [
      {
        "status": "affected",
        "version": "Fixed in version 4.2.18.2"
      }
    ]
  }
]

0.0004 Low

EPSS

Percentile

15.8%

Related for CVELIST:CVE-2018-10502