Lucene search
HistorySep 04, 2024 - 6:15 a.m.
CVE-2024-34643
improper access control
key input function
dressroom
smr sep-2024
local attackers
protected data
user interaction
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
21.4%
Improper access control in key input related function in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability.
Affected configurations
Node
samsungandroidMatch14.0-
ORsamsungandroidMatch14.0smr-apr-2022-r1
ORsamsungandroidMatch14.0smr-apr-2023-r1
ORsamsungandroidMatch14.0smr-apr-2024-r1
ORsamsungandroidMatch14.0smr-aug-2022-r1
ORsamsungandroidMatch14.0smr-aug-2023-r1
ORsamsungandroidMatch14.0smr-aug-2024-r1
ORsamsungandroidMatch14.0smr-dec-2021-r1
ORsamsungandroidMatch14.0smr-dec-2022-r1
ORsamsungandroidMatch14.0smr-dec-2023-r1
ORsamsungandroidMatch14.0smr-feb-2022-r1
ORsamsungandroidMatch14.0smr-feb-2023-r1
ORsamsungandroidMatch14.0smr-feb-2024-r1
ORsamsungandroidMatch14.0smr-jan-2022-r1
ORsamsungandroidMatch14.0smr-jan-2023-r1
ORsamsungandroidMatch14.0smr-jan-2024-r1
ORsamsungandroidMatch14.0smr-jul-2022-r1
ORsamsungandroidMatch14.0smr-jul-2023-r1
ORsamsungandroidMatch14.0smr-jul-2024-r1
ORsamsungandroidMatch14.0smr-jun-2022-r1
ORsamsungandroidMatch14.0smr-jun-2023-r1
ORsamsungandroidMatch14.0smr-jun-2024-r1
ORsamsungandroidMatch14.0smr-mar-2022-r1
ORsamsungandroidMatch14.0smr-mar-2023-r1
ORsamsungandroidMatch14.0smr-mar-2024-r1
ORsamsungandroidMatch14.0smr-may-2022-r1
ORsamsungandroidMatch14.0smr-may-2023-r1
ORsamsungandroidMatch14.0smr-may-2024-r1
ORsamsungandroidMatch14.0smr-nov-2021-r1
ORsamsungandroidMatch14.0smr-nov-2022-r1
ORsamsungandroidMatch14.0smr-nov-2023-r1
ORsamsungandroidMatch14.0smr-oct-2022-r1
ORsamsungandroidMatch14.0smr-oct-2023-r1
ORsamsungandroidMatch14.0smr-sep-2022-r1
ORsamsungandroidMatch14.0smr-sep-2023-r1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| samsung | android | 14.0 | cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:* |
| samsung | android | 14.0 | cpe:2.3:o:samsung:android:14.0:smr-apr-2022-r1:*:*:*:*:*:* |
| samsung | android | 14.0 | cpe:2.3:o:samsung:android:14.0:smr-apr-2023-r1:*:*:*:*:*:* |
| samsung | android | 14.0 | cpe:2.3:o:samsung:android:14.0:smr-apr-2024-r1:*:*:*:*:*:* |
| samsung | android | 14.0 | cpe:2.3:o:samsung:android:14.0:smr-aug-2022-r1:*:*:*:*:*:* |
| samsung | android | 14.0 | cpe:2.3:o:samsung:android:14.0:smr-aug-2023-r1:*:*:*:*:*:* |
| samsung | android | 14.0 | cpe:2.3:o:samsung:android:14.0:smr-aug-2024-r1:*:*:*:*:*:* |
| samsung | android | 14.0 | cpe:2.3:o:samsung:android:14.0:smr-dec-2021-r1:*:*:*:*:*:* |
| samsung | android | 14.0 | cpe:2.3:o:samsung:android:14.0:smr-dec-2022-r1:*:*:*:*:*:* |
| samsung | android | 14.0 | cpe:2.3:o:samsung:android:14.0:smr-dec-2023-r1:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2024-34643
2024-09-04 05:32:26
vulnrichment
vulnrichment
CVE-2024-34643
2024-09-04 05:32:26
cve
cve
CVE-2024-34643
2024-09-04 06:15:12
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
21.4%
Related for NVD:CVE-2024-34643