Lucene search
HistoryMar 05, 2024 - 5:15 a.m.
CVE-2024-20837
samsung internet
trusted web activities
permission grant
5.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
9.2%
Improper handling of granting permission for Trusted Web Activities in Samsung Internet prior to version 24.0.0.41 allows local attackers to grant permission to their own TWA WebApps without user interaction.
Related
cvelist
cvelist
CVE-2024-20837
2024-03-05 04:44:46
cve
cve
CVE-2024-20837
2024-03-05 05:15:11
prion
prion
Input validation
2024-03-05 05:15:00
5.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
9.2%
Related for NVD:CVE-2024-20837