PT-2024-26000 · Samsung · Knoxcustommanagerservice

Published

2024-07-02

Updated

2024-07-05

CVE-2024-34586

CVSS v3.1

5.9

Medium

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions KnoxCustomManagerService versions prior to SMR Jul-2024 Release 1

Description The issue is related to improper access control in the KnoxCustomManagerService, allowing local attackers to configure the Knox privacy policy.

Recommendations For versions prior to SMR Jul-2024 Release 1, update to the SMR Jul-2024 Release 1 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2024-34586

Affected Products

Knoxcustommanagerservice

PT-2024-26000 · Samsung · Knoxcustommanagerservice

CVE-2024-34586

Related Identifiers

Affected Products

References · 4