PT-2024-18766 · Samsung · Secure Folder
Vijay Vignesh Baskaran
·
Published
2024-05-07
·
Updated
2024-05-07
·
CVE-2024-20856
CVSS v3.1
4.3
Medium
| Vector | AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Secure Folder versions prior to SMR May-2024 Release 1
Description
The issue allows physical attackers to access Secure Folder without proper authentication in a specific scenario. This is due to an improper authentication vulnerability.
Recommendations
For Secure Folder versions prior to SMR May-2024 Release 1, update to SMR May-2024 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting physical access to devices with Secure Folder until the update is applied.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Secure Folder