CVE-2024-34597 — Samsung Health vulnerability

3 documents3 sources

Severity

3.3LOWNVD

CNA4.4

EPSS

0.1%

top 81.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samsung Health

Timeline

PublishedJul 2

Description

Improper input validation in Samsung Health prior to version 6.27.0.113 allows local attackers to write arbitrary document files to the sandbox of Samsung Health. User interaction is required for triggering this vulnerability.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages1 packages

▶NVDsamsung/health< 6.27.0.113

🔴Vulnerability Details

CVEList

CVE-2024-34597: Improper input validation in Samsung Health prior to version 6↗2024-07-02

▶

GHSA

GHSA-79gq-fwvx-q9qx: Improper input validation in Samsung Health prior to version 6↗2024-07-02

▶