Lucene search

[email protected]NVD:CVE-2024-20860

HistoryMay 07, 2024 - 5:15 a.m.

CVE-2024-20860

2024-05-0705:15:49

[email protected]

web.nvd.nist.gov

cve-2024-20860

improper export

android application components

telephonyui

smr may-2024 release

local attackers

reboot

device

permission

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

4.1

Confidence

High

EPSS

Percentile

9.0%

JSON

Improper export of android application components vulnerability in TelephonyUI prior to SMR May-2024 Release 1 allows local attackers to reboot the device without proper permission.

References

security.samsungmobile.com/securityUpdate.smsb?year=2024&month=05

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

4.1

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2024-20860

cvelist1 cve1 vulnrichment1