PT-2019-13828 · Samsung · Fotaagent
Edward Flanker
+1
·
Published
2019-08-08
·
Updated
2023-03-29
·
CVE-2019-14783
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Samsung mobile devices with N(7.x) software
Samsung mobile devices with O(8.x) software
Samsung mobile devices with P(9.0) software
Description
The issue allows a malicious application to create privileged files through the FotaAgent component. This could potentially lead to unauthorized access or modifications to sensitive data.
Recommendations
For Samsung mobile devices with N(7.x) software, update to a version that includes the fix for this issue.
For Samsung mobile devices with O(8.x) software, update to a version that includes the fix for this issue.
For Samsung mobile devices with P(9.0) software, update to a version that includes the fix for this issue.
As a temporary workaround, consider restricting the privileges of the FotaAgent component to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Fotaagent