Lucene search

[email protected]NVD:CVE-2024-31954

HistoryMay 14, 2024 - 3:30 p.m.

CVE-2024-31954

2024-05-1415:30:12

CWE-538

[email protected]

web.nvd.nist.gov

cve-2024-31954

samsung portable ssd

windows

arbitrary code execution

privilege escalation

7.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

0 Low

EPSS

Percentile

0.0%

JSON

An issue was discovered in the installer in Samsung Portable SSD for T5 1.6.10 on Windows. Because it is possible to tamper with the directory and DLL files used during the installation process, an attacker can escalate privileges through arbitrary code execution. (An attacker must already have user privileges)

References

semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-31954/

7.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

0 Low

EPSS

Percentile

0.0%

JSON

Related for NVD:CVE-2024-31954

cve1 vulnrichment1 cvelist1