CVE-2024-34601

Improper verification of intent by broadcast receiver vulnerability in GalaxyStore prior to version 4.5.81.0 allows local attackers to launch unexported activities of GalaxyStore.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=07	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:samsung:galaxystore:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-07-02 10:15

Updated : 2024-07-02 18:07

NVD link : CVE-2024-34601

Mitre link : CVE-2024-34601

CVE.ORG link : CVE-2024-34601

JSON object : View

Products Affected

samsung

galaxystore

CWE

NVD-CWE-Other

5.3 /10