Samsung Mobile Samsung Mobile Devices vSMR Aug-2024 Release in Android 12, 13, 14 - 14 CVEs

CVE-2024-34619

Improper input validation in librtp.so prior to SMR Aug-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.

HIGH CVSS 7.5 Published Aug 07, 2024

CVE-2024-34618

Improper access control in System property prior to SMR Aug-2024 Release 1 allows local attackers to access cell related information.

MEDIUM CVSS 4.0 Published Aug 07, 2024

CVE-2024-34616

Improper handling of insufficient permission in KnoxDualDARPolicy prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive data.

MEDIUM CVSS 5.1 Published Aug 07, 2024

CVE-2024-34615

Out-of-bound write in libsmat.so prior to SMR Aug-2024 Release 1 allows local attackers to cause memory corruption.

MEDIUM CVSS 5.1 Published Aug 07, 2024

CVE-2024-34614

Out-of-bound write in libsmat.so prior to SMR Aug-2024 Release 1 allows local attackers to execute arbitrary code.

HIGH CVSS 7.3 Published Aug 07, 2024

CVE-2024-34612

Out-of-bound write in libcodec2secmp4vdec.so prior to SMR Aug-2024 Release 1 allows local attackers to execute arbitrary code.

HIGH CVSS 7.3 Published Aug 07, 2024

CVE-2024-34611

Improper access control in KnoxService prior to SMR Aug-2024 Release 1 allows local attackers to get sensitive information.

MEDIUM CVSS 5.1 Published Aug 07, 2024

CVE-2024-34610

Improper access control in ExtControlDeviceService prior to SMR Aug-2024 Release 1 allows local attackers to access protected data.

MEDIUM CVSS 5.1 Published Aug 07, 2024

CVE-2024-34609

Improper access control in VoiceNoteService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.