PT-2023-9217 · Samsung · Samsung Magician

Published: 2023-10-16 · Updated: 2025-06-03 · CVE-2024-36071

CVSS v3.1: 6.3 Medium

Vector: AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Samsung Magician version 8.0.0

Description: The issue is an Untrusted Search Path in Samsung Magician, the program for managing SSDs. It allows an attacker to tamper with the directory and DLL files used during the installation process, potentially leading to arbitrary code execution and privilege escalation.

Recommendations: For Samsung Magician version 8.0.0, consider restricting access to the directory and DLL files used during the installation process as a temporary workaround until a patch is available. Additionally, avoid using the vulnerable installation process until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
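
One way to check whether access to such a directory is already restricted, as an added example that is not part of the advisory or of Samsung's software: a PowerShell audit that lists owners and Allow entries giving anyone outside a trusted set write-type rights on the directory and the DLLs under it. The `$StagingDir` parameter is a placeholder (the advisory does not name the directory) and the trusted SID list is an assumption of the example.

```powershell
param(
    [Parameter(Mandatory)]
    [string]$StagingDir   # placeholder: the advisory does not name the directory
)

$sidType = [System.Security.Principal.SecurityIdentifier]

# Principals assumed to be trusted to write here (assumption of this example).
$trusted = @(
    'S-1-5-18',       # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',   # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)

# Rights that let a principal create, replace or re-permission files.
$rights = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
# Inherit-only ACEs can carry raw generic bits: GENERIC_WRITE, GENERIC_ALL.
$mask = [int]$rights -bor 0x40000000 -bor 0x10000000

# Check the directory itself plus every DLL below it.
$targets = @(Get-Item -LiteralPath $StagingDir) +
           @(Get-ChildItem -LiteralPath $StagingDir -Recurse -File -Filter *.dll)

$findings = foreach ($item in $targets) {
    $acl = Get-Acl -LiteralPath $item.FullName

    # A non-trusted owner can rewrite the DACL at will.
    $owner = $acl.GetOwner($sidType).Value
    if ($trusted -notcontains $owner) {
        [pscustomobject]@{ Path = $item.FullName; Sid = $owner; Issue = 'Owner' }
    }

    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($trusted -contains $ace.IdentityReference.Value) { continue }
        if (([int]$ace.FileSystemRights -band $mask) -eq 0) { continue }
        [pscustomobject]@{
            Path  = $item.FullName
            Sid   = $ace.IdentityReference.Value
            Issue = "Allow $($ace.FileSystemRights)"
        }
    }
}

$findings | Format-Table -AutoSize
if ($findings) { exit 1 }   # non-zero exit when anything is writable by others
```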

Untrusted Search Path

Weakness Enumeration

Related Identifiers

BDU:2024-04818
CVE-2024-36071

Affected Products

Samsung Magician