Lucene search

[email protected]NVD:CVE-2014-8346

HistoryOct 24, 2014 - 10:55 a.m.

CVE-2014-8346

2014-10-2410:55:05

CWE-94

[email protected]

web.nvd.nist.gov

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

Confidence

High

EPSS

0.003

Percentile

66.0%

JSON

The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic.

Affected configurations

Nvd

Node

samsungfindmymobileMatch-

AND

samsungmobileMatch-

VendorProductVersionCPE
samsungfindmymobile-cpe:2.3:a:samsung:findmymobile:-:*:*:*:*:*:*:*
samsungmobile-cpe:2.3:h:samsung:mobile:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
samsung	findmymobile	-	cpe:2.3:a:samsung:findmymobile:-:::::::*
samsung	mobile	-	cpe:2.3:h:samsung:mobile:-:::::::*

References

www.youtube.com/watch?v=Q3adkpOEjyI

www.youtube.com/watch?v=YufuOYQoDOY

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

Confidence

High

EPSS

0.003

Percentile

66.0%

JSON

Related for NVD:CVE-2014-8346

threatpost1 cvelist1 prion1 thn1 cve1