Description
Improper Export of android application component in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access files with My Files' privilege.
Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-34953 | Improper Export of android application component in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access files with My Files' privilege. |
References
History
Thu, 05 Sep 2024 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Samsung
Samsung android |
|
| Weaknesses | NVD-CWE-noinfo | |
| CPEs | cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-apr-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-apr-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-aug-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-aug-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-dec-2021-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-dec-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-feb-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-feb-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-jan-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-jan-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-jul-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-jul-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-jun-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-jun-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-mar-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-mar-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-may-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-may-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-nov-2021-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-nov-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-oct-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-sep-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:13.0:smr-sep-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-apr-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-apr-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-apr-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-aug-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-aug-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-aug-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-dec-2021-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-dec-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-dec-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-feb-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-feb-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-feb-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jan-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jan-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jan-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jul-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jul-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jul-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jun-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jun-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jun-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-mar-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-mar-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-mar-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-may-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-may-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-may-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-nov-2021-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-nov-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-nov-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-oct-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-oct-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-sep-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-sep-2023-r1:*:*:*:*:*:* |
|
| Vendors & Products |
Samsung
Samsung android |
Wed, 04 Sep 2024 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 04 Sep 2024 05:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Export of android application component in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access files with My Files' privilege. | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: SamsungMobile
Published:
Updated: 2024-09-04T12:58:55.036Z
Reserved: 2024-05-07T04:43:27.845Z
Link: CVE-2024-34654
Vulnrichment
Updated: 2024-09-04T12:58:49.679Z
NVD
Status : Analyzed
Published: 2024-09-04T06:15:15.520
Modified: 2024-09-05T18:00:07.057
Link: CVE-2024-34654
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses