PT-2021-16699 · Samsung · Samsung Flow

Shai Shapira

Published

2021-11-05

Updated

2021-11-09

CVE-2021-25509

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions Samsung Flow Windows application versions prior to 4.8.5.0

Description A missing input validation in the Samsung Flow Windows application allows attackers to overwrite arbitrary files in the Windows known folders.

Recommendations For versions prior to 4.8.5.0, update to version 4.8.5.0 or later to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2021-25509

Affected Products

Samsung Flow

PT-2021-16699 · Samsung · Samsung Flow

CVE-2021-25509

Weakness Enumeration

Related Identifiers

Affected Products

References · 3