PT-2024-26017 · Samsung · Samsung Message
Khilli
·
Published
2024-07-07
·
Updated
2024-07-11
·
CVE-2024-34602
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Samsung Messages versions prior to SMR Jul-2024 Release 1
Description
The issue is related to the use of implicit intent for sensitive communication in Samsung Messages, allowing local attackers to obtain sensitive information. User interaction is required to trigger this issue.
Recommendations
For Samsung Messages versions prior to SMR Jul-2024 Release 1, update to SMR Jul-2024 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information within the application until a patch is applied.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Samsung Message