Talos Samsung vulnerabilities
4 known vulnerabilities affecting talos/samsung.
Total CVEs: 4
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 1, MEDIUM 1
Vulnerabilities
CVE-2018-3926 | MEDIUM | CVSS 5.5 | CWE-191 | Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17 | 2018-08-28
An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process incorrectly handles malformed files existing in its data directory, leading to an infinite loop, which eventually causes the process to crash. An at
Sources: cvelistv5, nvd
CVE-2018-3907 | CRITICAL | CVSS 10.0 | CWE-444 | Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17 | 2018-08-24
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, 'on_url' callback. An attacker can send an HTTP
Sources: cvelistv5, nvd
CVE-2018-3909 | HIGH | CVSS 8.6 | CWE-444 | Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17 | 2018-08-24
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, 'on_message_complete' callback. An attacker can send a
Sources: cvelistv5, nvd
CVE-2018-3903 | CRITICAL | CVSS 9.9 | CWE-787 | Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17 | 2018-08-23
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. The memcpy call overflows the destination buffer, which has a size of 512
Sources: cvelistv5, nvd