CVE-2024-34601

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-34601
Improper verification of intent by broadcast receiver vulnerability in GalaxyStore prior to version 4.5.81.0 allows local attackers to launch unexported activities of GalaxyStore.

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=07 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:samsung:galaxystore:*:*:*:*:*:*:*:*
History

02 Jul 2024, 18:07

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 5.9 		v2 : unknown
v3 : 5.3
CPE cpe:2.3:a:samsung:galaxystore:*:*:*:*:*:*:*:*
First Time Samsung galaxystore
Samsung
References () https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=07 - () https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=07 - Vendor Advisory
CWE NVD-CWE-Other

02 Jul 2024, 12:09

Type Values Removed Values Added
Summary
  • (es) La verificación inadecuada de la intención mediante la vulnerabilidad del receptor de transmisión en GalaxyStore antes de la versión 4.5.81.0 permite a atacantes locales lanzar actividades no exportadas de GalaxyStore.

02 Jul 2024, 10:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-02 10:15

Updated : 2024-07-02 18:07

NVD link : CVE-2024-34601

Mitre link : CVE-2024-34601

CVE.ORG link : CVE-2024-34601

JSON object : View

Products Affected

samsung

  • galaxystore
CWE
NVD-CWE-Other

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024