CVE-2024-49407
CVSS 3.1 Score 4.6 of 10 (medium)
Details
Summary
CVE-2024-49407 is a vulnerability affecting Samsung Flow, a mobile application, prior to version 4.9.15.7. This issue involves improper access control, allowing physical attackers to bypass security measures and access data across multiple user profiles. Unlike authorized users, these attackers are not intended to have such access, making this a significant security concern. Successful exploitation of this vulnerability could result in unauthorized access to sensitive information, potentially leading to privacy breaches or data theft. Samsung urges users to update their Samsung Flow application to the latest version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.