CVE-2024-20852

3 documents3 sources
Severity
3.3LOW
EPSS
0.1%
top 76.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Samsung Smartthings
Timeline
PublishedApr 2

Description

Improper verification of intent by broadcast receiver vulnerability in SmartThings prior to version 1.8.13.22 allows local attackers to access testing configuration.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LExploitability: 2.5 | Impact: 3.4

Affected Packages1 packages

NVDsamsung/smartthings< 1.8.13.22

🔴Vulnerability Details

2
GHSA
GHSA-vgjg-mpj8-9q8q: Improper verification of intent by broadcast receiver vulnerability in SmartThings prior to version 12024-04-02
CVEList
CVE-2024-20852: Improper verification of intent by broadcast receiver vulnerability in SmartThings prior to version 12024-04-02
CVE-2024-20852 (LOW CVSS 3.3) | Improper verification of intent by | cvebase.io