CVE-2024-20837
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2024-20837 is a vulnerability affecting Samsung Internet browsers prior to version 24.0.0.41. It allows local attackers to manipulate Trusted Web Activities (TWAs) by improperly granting permissions to their own TWA WebApps without user interaction. This issue can potentially lead to unauthorized access or data theft. Attackers can exploit this vulnerability by crafting malicious web content that tricks the browser into granting permissions, bypassing the intended security measures. Users are advised to update their browsers to the latest version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.