Lucene search

SamsungMobileCVELIST:CVE-2024-34657

HistorySep 04, 2024 - 5:32 a.m.

CVE-2024-34657

2024-09-0405:32:42

SamsungMobile

www.cve.org

samsung notes

stack-based

out-of-bounds write

remote attackers

arbitrary code

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

EPSS

0.001

Percentile

31.6%

JSON

Stack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote attackers to execute arbitrary code.

CNA Affected

[
  {
    "vendor": "Samsung Mobile",
    "product": "Samsung Notes",
    "versions": [
      {
        "status": "unaffected",
        "version": "4.4.21.62"
      }
    ],
    "defaultStatus": "affected"
  }
]

References

security.samsungmobile.com/serviceWeb.smsb?year=2024&month=09

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

EPSS

0.001

Percentile

31.6%

JSON

Related for CVELIST:CVE-2024-34657