CVE-2018-20135

Name of the Vulnerable Software and Affected Versions: Samsung Galaxy Apps versions prior to 4.4.01.7

Description: The issue allows modification of the hostname used for load balancing on installations of applications through a man-in-the-middle attack. An attacker may trick Galaxy Apps into using an arbitrary hostname for which the attacker can provide a valid SSL certificate, and emulate the API of the app store to modify existing apps at installation time. The specific flaw involves an HTTP method to obtain the load-balanced hostname that enforces SSL only after obtaining a hostname from the load balancer, and a missing app signature validation in the application XML. This can be exploited to achieve Remote Code Execution on the device.

Recommendations: For versions prior to 4.4.01.7, update to version 4.4.01.7 or later to resolve the issue. As a temporary workaround, consider restricting access to untrusted networks to minimize the risk of exploitation. Avoid using the application installation feature over unsecured networks until the update is applied.