Back

CVE-2024-20896

July 2, 2024, 12:09 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Samsung Galaxy devices

  • UNKNOWN

Source

mobile.security@samsung.com

Tags

mobile.security@samsung.com
2024-07-02
CVE-2024-20896

CVE-2024-20896 details

Published : July 2, 2024, 10:15 a.m.
Last Modified : July 2, 2024, 12:09 p.m.

Description

Use of implicit intent for sensitive communication in Configuration message prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.

CVSS Score

1 2 3 4 5.5 6 7 8 9 10

Weakness

Weakness Name Description

CVSS Data

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

Base Score

5.5

Exploitability Score

1.8

Impact Score

3.6

Base Severity

MEDIUM

Vector String : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References

URL Source
https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=07 mobile.security@samsung.com
This website uses the NVD API, but is not approved or certified by it.