Multiple vulnerabilities in Samsung Android Applications



Risk: Low

Patch available: YES

Number of vulnerabilities: 5

CVE-ID: CVE-2024-49403, CVE-2024-49404, CVE-2024-49405, CVE-2024-49406, CVE-2024-49407

CWE-ID: CWE-284, CWE-287, CWE-354

Exploitation vector: Local

Public exploit: N/A

Vulnerable software (category for all: Mobile applications / Apps for mobile phones): Voice Recorder, Samsung Video Player, SamsungPass, Samsung Blockchain Keystore, Samsung Flow

Vendor: Samsung

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Improper access control

EUVDB-ID: #VU99856

Risk: Low

CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-49403

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. An attacker with physical access can bypass implemented security restrictions and access recording files on the lock screen.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Voice Recorder: before 21.5.40.37

External links

http://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=11


Q & A

Can this vulnerability be exploited remotely?

No. The attacker needs physical access to the system in order to successfully exploit this vulnerability.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into performing certain actions on the device.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper access control

EUVDB-ID: #VU99857

Risk: Low

CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-49404

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. An attacker with physical access can bypass implemented security restrictions and access video files of other users.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Samsung Video Player: before 7.3.29.1

External links

http://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=11


Q & A

Can this vulnerability be exploited remotely?

No. The attacker needs physical access to the system in order to successfully exploit this vulnerability.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into performing certain actions on the device.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper Authentication

EUVDB-ID: #VU99858

Risk: Low

CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-49405

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass the authentication process.

The vulnerability exists due to an error when processing authentication requests in Private Info. An attacker with physical access can bypass the authentication process and access sensitive information in a specific scenario.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

SamsungPass: before 4.4.04.7

External links

http://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=11


Q & A

Can this vulnerability be exploited remotely?

No. The attacker needs physical access to the system in order to successfully exploit this vulnerability.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into performing certain actions on the device.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper validation of integrity check value

EUVDB-ID: #VU99860

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-49406

CWE-ID: CWE-354 - Improper Validation of Integrity Check Value

Exploit availability: No

Description

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to improper validation of an integrity check value. A local administrator can modify a transaction.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Samsung Blockchain Keystore: before 1.3.16

External links

http://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=11


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker needs authentication credentials and must successfully authenticate on the system.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into performing certain actions on the device.

The attacker would have to log in to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Improper access control

EUVDB-ID: #VU99861

Risk: Low

CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-49407

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. An attacker with physical access can bypass implemented security restrictions and access data across multiple user profiles.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Samsung Flow: before 4.9.15.7

External links

http://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=11


Q & A

Can this vulnerability be exploited remotely?

No. The attacker needs physical access to the system in order to successfully exploit this vulnerability.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into performing certain actions on the device.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


