Samsung Kies vulnerabilities

11 known vulnerabilities affecting samsung/kies.

Total CVEs
11
CISA KEV
0
Public exploits
5
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH7MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2022-39845HIGHCVSS 7.1fixed in 2.6.4.220742022-09-09
CVE-2022-39845 [MEDIUM] CWE-354 CVE-2022-39845: Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074 al Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074 allows local attackers to delete arbitrary directory using directory junction.
nvd
CVE-2022-30744HIGHCVSS 7.8fixed in 2.6.4.22043_12022-06-07
CVE-2022-30744 [MEDIUM] CWE-20 CVE-2022-30744: DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows att DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows attacker to execute arbitrary code.
nvd
CVE-2022-27843HIGHCVSS 7.8fixed in 2.6.4.22014_22022-04-11
CVE-2022-27843 [MEDIUM] CWE-20 CVE-2022-27843: DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute abitra DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute abitrary code.
nvd
CVE-2012-3807CRITICALCVSS 9.8PoCfixed in 2.5.0.12094_27_112020-01-09
CVE-2012-3807 [CRITICAL] CVE-2012-3807: Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution. Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution.
nvd
CVE-2012-3810HIGHCVSS 7.5PoCfixed in 2.5.0.12094_27_112020-01-09
CVE-2012-3810 [HIGH] CVE-2012-3810: Samsung Kies before 2.5.0.12094_27_11 has registry modification. Samsung Kies before 2.5.0.12094_27_11 has registry modification.
nvd
CVE-2012-3809HIGHCVSS 7.5PoCfixed in 2.5.0.12094_27_112020-01-09
CVE-2012-3809 [HIGH] CVE-2012-3809: Samsung Kies before 2.5.0.12094_27_11 has arbitrary directory modification. Samsung Kies before 2.5.0.12094_27_11 has arbitrary directory modification.
nvd
CVE-2012-3806HIGHCVSS 7.5fixed in 2.5.0.12094_27_112020-01-09
CVE-2012-3806 [HIGH] CWE-476 CVE-2012-3806: Samsung Kies before 2.5.0.12094_27_11 contains a NULL pointer dereference vulnerability which could Samsung Kies before 2.5.0.12094_27_11 contains a NULL pointer dereference vulnerability which could allow remote attackers to perform a denial of service.
nvd
CVE-2012-3808HIGHCVSS 7.5PoCfixed in 2.5.0.12094_27_112020-01-09
CVE-2012-3808 [HIGH] CVE-2012-3808: Samsung Kies before 2.5.0.12094_27_11 has arbitrary file modification. Samsung Kies before 2.5.0.12094_27_11 has arbitrary file modification.
nvd
CVE-2015-8780MEDIUMCVSS 6.4≤ 2015-10-302017-04-13
CVE-2015-8780 [MEDIUM] CWE-22 CVE-2015-8780: Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury. Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury.
nvd
CVE-2012-6429CRITICALCVSS 10.0PoC≤ 2.5.0.12114_12014-04-04
CVE-2012-6429 [CRITICAL] CWE-119 CVE-2012-6429: Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies bef Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the password argument.
nvd
CVE-2012-2990CRITICALCVSS 9.3≤ 2.3.2.120742012-08-24
CVE-2012-2990 [CRITICAL] CWE-94 CVE-2012-2990: The MASetupCaller ActiveX control before 1.4.2012.508 in MASetupCaller.dll in MarkAny ContentSAFER, The MASetupCaller ActiveX control before 1.4.2012.508 in MASetupCaller.dll in MarkAny ContentSAFER, as distributed in Samsung KIES before 2.3.2.12074_13_13, does not properly implement unspecified methods, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a crafted HTML document.
nvd