PT-2024-18709 · Samsung · Samsung Mobile Devices
Dawuge
·
Published
2024-01-04
·
Updated
2024-01-10
·
CVE-2024-20803
CVSS v3.1
6.8
Medium
| Vector | AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Samsung Mobile Devices versions prior to SMR Jan-2024 Release 1
Description
The issue is related to an improper authentication vulnerability in the Bluetooth pairing process. This allows remote attackers to establish a pairing process without user interaction.
Recommendations
For versions prior to SMR Jan-2024 Release 1, update to SMR Jan-2024 Release 1 or later to resolve the issue. As a temporary workaround, consider disabling Bluetooth functionality until a patch is available. Restrict access to the Bluetooth pairing process to minimize the risk of exploitation.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Samsung Mobile Devices