The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic.
References
Link | Resource |
---|---|
https://www.youtube.com/watch?v=Q3adkpOEjyI | Exploit |
https://www.youtube.com/watch?v=YufuOYQoDOY | Exploit |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2014-10-24 10:55
Updated : 2024-02-28 12:20
NVD link : CVE-2014-8346
Mitre link : CVE-2014-8346
CVE.ORG link : CVE-2014-8346
JSON object : View
Products Affected
samsung
- findmymobile
- mobile
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')