Lucene search

[email protected]NVD:CVE-2024-34600

HistoryJul 02, 2024 - 10:15 a.m.

CVE-2024-34600

2024-07-0210:15:08

[email protected]

web.nvd.nist.gov

samsung flow

intent verification

local attackers

image files

external storage

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

Percentile

9.2%

JSON

Improper verification of intent by broadcast receiver vulnerability in Samsung Flow prior to version 4.9.13.0 allows local attackers to copy image files to external storage.

Affected configurations

Nvd

Node

samsungflowRange<4.9.13.0

VendorProductVersionCPE
samsungflow*cpe:2.3:a:samsung:flow:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
samsung	flow	*	cpe:2.3:a:samsung:flow::::::::

References

security.samsungmobile.com/serviceWeb.smsb?year=2024&month=07

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

Percentile

9.2%

JSON

Related for NVD:CVE-2024-34600

vulnrichment1 cve1 cvelist1