Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of push messages. The issue lies in the ability to start an activity with controlled arguments. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5331.
CVSS Information
N/A
Vulnerability Type
访问控制不恰当
Vulnerability Title
Samsung Galaxy Apps 权限许可和访问控制漏洞
Vulnerability Description
Samsung Galaxy Apps是韩国三星(Samsung)公司的一款使用在Samsung手机中的应用商店程序。 Samsung Galaxy Apps中推送消息的处理存在提权漏洞。本地攻击者可通过获取低权限代码的执行权限利用该漏洞提升权限。
CVSS Information
N/A
Vulnerability Type
N/A