CVE-2018-16263
Severity
8.8HIGH
EPSS
0.1%
top 69.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 22
Latest updateMay 24
Description
The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
CVSS vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9
Affected Packages1 packages
🔴Vulnerability Details
2GHSA▶
GHSA-5h96-c4j5-cc68: The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configu↗2022-05-24
CVEList▶
CVE-2018-16263: The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configu↗2020-01-22