CVE-2024-53921

CWE-276Incorrect Default PermissionsCWE-12363 documents3 sources
Severity
2.8LOW
EPSS
0.1%
top 68.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Samsung Magician
Timeline
PublishedDec 3

Description

An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:NExploitability: 1.3 | Impact: 1.4

Affected Packages1 packages

NVDsamsung/magician8.1.0

🔴Vulnerability Details

2
CVEList
CVE-2024-53921: An issue was discovered in the installer in Samsung Magician 82024-12-03
GHSA
GHSA-p9qr-rxpv-wm86: An issue was discovered in the installer in Samsung Magician 82024-12-03
CVE-2024-53921 (LOW CVSS 2.8) | An issue was discovered in the inst | cvebase.io