PT-2025-4177 · Samsung · Galaxy Store

Name of the Vulnerable Software and Affected Versions: Galaxy Store versions prior to 4.5.87.6 Description: The issue allows physical attackers to install arbitrary applications, bypassing the restrictions of Setupwizard through an alternate path in Galaxy Store. This enables attackers to...

CVE-2023-21433

Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store...

Improper access control

Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store...

Samsung XCover4 Access Control Error Vulnerability (CNVD-2020-14771)

Samsung XCover4 is a smartphone from Samsung South Korea. An access control error vulnerability exists in the Samsung XCover4. The vulnerability stems from the network system or product not properly restricting access to resources from unauthorized roles. An attacker could exploit the vulnerabili...

CVE-2019-13406

A broken access control vulnerability found in Advan VD-1 firmware versions up to 230. An attacker can send a POST request to cgibin/ApkUpload.cgi to install arbitrary APK without any authentication...

Samsung Galaxy Apps URL Handling Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy Apps. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...