CVE-2018-10500

Name of the Vulnerable Software and Affected Versions: Samsung Galaxy Apps versions prior to 6.4.0.15

Description: This issue allows local attackers to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system. The flaw exists within the handling of push messages, specifically in the ability to start an activity with controlled arguments, allowing an attacker to escalate privileges to normally protected resources.

Recommendations: For versions prior to 6.4.0.15, update to version 6.4.0.15 to resolve the issue. As a temporary workaround, consider restricting the handling of push messages to minimize the risk of exploitation.