CVE-2024-20885

CVSS 3.1 Score 5.1 of 10 (medium)

Details

Published Jun 4, 2024

Summary

CVE-2024-20885 is an improper component protection vulnerability in Samsung Dialer prior to SMR May-2024 Release 1, which allows local attackers to make a call without proper permission. The affected product is Samsung Dialer on unspecified devices. The vulnerability has a base severity of MEDIUM with a base score of 5.1 according to the CVSS:3.1 rating. It requires no privileges and user interaction, and its attack vector is local. The impact includes low confidentiality and integrity impacts, with low availability impact as well. The exploitability score is 2.5 out of 10. To remediate the vulnerability, users should update their Samsung Dialer to SMR May-2024 Release 1 or later versions provided by Samsung. This vulnerability poses a potential danger to organizations using the affected Samsung Dialer as it allows unauthorized calls to be made without proper permission from local attackers.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-20885 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options