Wang Kailong

**Nome do software vulnerável e versões afetadas** Versões do Setupwizard anteriores à SMR maio de 2024, Release 1 **Descrição** A vulnerabilidade permite que invasores físicos contornem a autenticação e ignorem a etapa de ativação. **Recomendações** Para versões anteriores ao SMR maio de 2024, versão 1, atualize para o SMR maio de 2024, versão 1, ou posterior para resolver o problema.

**Name of the Vulnerable Software and Affected Versions** Honor products (affected versions not specified) **Description** The issue concerns a signature management vulnerability. Successful exploitation could cause a forged system file to overwrite the correct system file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Honor products (affected versions not specified) **Description** The issue concerns a signature management vulnerability. Successful exploitation could cause a forged system file to overwrite the correct system file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Honor products (affected versions not specified) **Description** The issue is related to an information leak, where successful exploitation could cause the leak of information. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Honor products (affected versions not specified) **Description** The issue is related to incorrect privilege assignment, which could lead to device service exceptions if successfully exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Honor products (affected versions not specified) **Description** The issue is related to an information leak, where successful exploitation could cause the leak of information. There is no mention of the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Honor products (affected versions not specified) **Description** The issue is related to an information leak, where successful exploitation could cause the leak of information. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Honor products (affected versions not specified) **Description** The issue concerns a signature management vulnerability. Successful exploitation could cause a forged system file to overwrite the correct system file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Honor products (affected versions not specified) **Description** The issue is related to a signature management vulnerability. Successful exploitation could cause a forged system file to overwrite the correct system file. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Honor products (affected versions not specified) **Description** The issue concerns a signature management vulnerability. Successful exploitation could cause a forged system file to overwrite the correct system file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Honor products (affected versions not specified) **Description** The issue is related to an information leak, where successful exploitation could cause the leak of information. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Samsung Data Store versions prior to 5.2.00.7 **Description** The issue is related to improper handling of insufficient permissions or privileges, allowing remote attackers to access location information without permission. **Recommendations** For versions prior to 5.2.00.7, update to version 5.2.00.7 or later to resolve the issue. As a temporary workaround, consider restricting access to location information until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Samsung Account versions prior to 14.5.00.7 **Description** The issue concerns the use of implicit intent for sensitive communication in the startAgreeToDisclaimerActivity function within Samsung Account. This allows attackers to access arbitrary files with Samsung Account privileges. **Recommendations** For versions prior to 14.5.00.7, update to version 14.5.00.7 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Samsung Cloud versions prior to 5.3.0.32 **Description** The issue is related to improper access control in Samsung Cloud, allowing local attackers to access information with Samsung Cloud's privilege via implicit intent. **Recommendations** For versions prior to 5.3.0.32, update to version 5.3.0.32 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information stored in Samsung Cloud until the update is applied.

**Nome do software vulnerável e versões afetadas** Módulo Property (versões afetadas não especificadas) **Descrição** O problema diz respeito a uma vulnerabilidade no controle de permissões do módulo Property. Essa vulnerabilidade pode ser explorada para obter o identificador único do dispositivo. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Nome do software vulnerável e versões afetadas** Smartphones (versões afetadas não especificadas) **Descrição** O problema diz respeito ao acesso não autorizado a arquivos, o que pode comprometer a confidencialidade do serviço caso a vulnerabilidade seja explorada com sucesso. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.