Magician Security Vulnerabilities and Issues — Magician CVE List

Lucene search

SamsungMagician

6 matches found

CVE•added 2024/06/20 9:15 p.m.•48 views

CVE-2024-36071

Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the directory and DLL files used during the installation process. This occurs because of an Untrusted Search Path.

6.3CVSS7.2AI score0.00027EPSS

CVE•added 2024/12/03 7:15 p.m.•47 views

CVE-2024-53921

An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process.

2.8CVSS4.1AI score0.00084EPSS

CVE•added 2024/05/14 3:26 p.m.•42 views

CVE-2024-31952

An issue was discovered in Samsung Magician 8.0.0 on macOS. Because symlinks are used during the installation process, an attacker can escalate privileges via arbitrary file permission writes. (The attacker must already have user privileges, and an administrator password must be entered during the ...

6.7CVSS7.4AI score0.00082EPSS

CVE•added 2017/06/21 8:29 p.m.•38 views

CVE-2017-3218

Samsung Magician 5.0 fails to validate TLS certificates for HTTPS software update traffic. Prior to version 5.0, Samsung Magician uses HTTP for software updates.

8.8CVSS8.7AI score0.00018EPSS

CVE•added 2024/02/07 7:15 p.m.•33 views

CVE-2024-23769

Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 (for Windows) allows a local attacker to read privileged data.

7.3CVSS5.3AI score0.00053EPSS

CVE•added 2024/05/14 3:27 p.m.•20 views

CVE-2024-31953

An issue was discovered in Samsung Magician 8.0.0 on macOS. Because it is possible to tamper with the directory and executable files used during the installation process, an attacker can escalate privileges through arbitrary code execution. (The attacker must already have user privileges, and an ad...

6.7CVSS8AI score0.00208EPSS