CVE-2024-20837

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Mar 5, 2024

Summary

CVE-2024-20837 is a vulnerability affecting Samsung Internet browsers prior to version 24.0.0.41. It allows local attackers to manipulate Trusted Web Activities (TWAs) by improperly granting permissions to their own TWA WebApps without user interaction. This issue can potentially lead to unauthorized access or data theft. Attackers can exploit this vulnerability by crafting malicious web content that tricks the browser into granting permissions, bypassing the intended security measures. Users are advised to update their browsers to the latest version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share