Sacha Kozma

**Name of the Vulnerable Software and Affected Versions** Smart Switch versions prior to 3.7.69.15 **Description** Exposure of sensitive functionality to an unauthorized actor allows remote attackers to set a specific configuration. **Recommendations** Update to version 3.7.69.15 or later.

**Name of the Vulnerable Software and Affected Versions** Smart Switch versions prior to 3.7.69.15 **Description** The use of a broken or risky cryptographic algorithm in Smart Switch allows remote attackers to configure a downgraded scheme for authentication. **Recommendations** Update Smart Switch to version 3.7.69.15 or later.

**Name of the Vulnerable Software and Affected Versions** Smart Switch versions prior to 3.7.69.15 **Description** Improper verification of a cryptographic signature in Smart Switch allows remote attackers to potentially bypass authentication. **Recommendations** Update Smart Switch to version 3.7.69.15 or later.

**Name of the Vulnerable Software and Affected Versions** Smart Switch versions prior to 3.7.69.15 **Description** A flaw exists in authentication within Smart Switch that enables remote attackers to circumvent security measures. This issue allows unauthorized access, potentially compromising system integrity. **Recommendations** Update Smart Switch to version 3.7.69.15 or later.

**Name of the Vulnerable Software and Affected Versions** Smart Switch versions prior to 3.7.69.15 **Description** An authentication bypass by replay exists in Smart Switch, potentially allowing remote attackers to trigger privileged functions. **Recommendations** Update Smart Switch to version 3.7.69.15 or later.

**Name of the Vulnerable Software and Affected Versions** Galaxy Store versions prior to 4.6.03.8 **Description** An improper access control issue exists in Galaxy Store. A local attacker can create a file with Galaxy Store privileges. **Recommendations** Update Galaxy Store to version 4.6.03.8 or later.

**Name of the Vulnerable Software and Affected Versions** Galaxy Store versions prior to 4.6.03.8 **Description** A path traversal issue exists in Galaxy Store versions prior to 4.6.03.8. This allows a local attacker to create a file with Galaxy Store privileges. **Recommendations** Update Galaxy Store to version 4.6.03.8 or later.

**Name of the Vulnerable Software and Affected Versions** Galaxy Store versions prior to 4.6.03.8 **Description** A flaw exists in the Galaxy Store application related to the improper verification of cryptographic signatures. This issue allows a local attacker to install arbitrary applications. **Recommendations** Update Galaxy Store to version 4.6.03.8 or later.

**Name of the Vulnerable Software and Affected Versions** Smart Switch versions prior to 3.7.69.15 **Description** A flaw exists in authentication within Smart Switch that could allow an attacker in close proximity to cause a denial of service. **Recommendations** Update Smart Switch to version 3.7.69.15 or later.

**Name of the Vulnerable Software and Affected Versions** Smart Switch versions prior to 3.7.69.15 **Description** A path traversal issue exists in Smart Switch. This allows attackers with adjacent network access to overwrite arbitrary files with Smart Switch privileges. **Recommendations** Update Smart Switch to version 3.7.69.15 or later.