CVE-2024-49407

CVSS 3.1 Score 4.6 of 10 (medium)

Details

Published Nov 6, 2024
Updated: Nov 13, 2024

Summary

CVE-2024-49407 is a vulnerability affecting Samsung Flow, a mobile application, prior to version 4.9.15.7. This issue involves improper access control, allowing physical attackers to bypass security measures and access data across multiple user profiles. Unlike authorized users, these attackers are not intended to have such access, making this a significant security concern. Successful exploitation of this vulnerability could result in unauthorized access to sensitive information, potentially leading to privacy breaches or data theft. Samsung urges users to update their Samsung Flow application to the latest version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share