CVE-2024-20825

Summary

Implicit intent hijacking vulnerability in IAP of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileGalaxy Store4.5.63.6unaffected

Weaknesses

  • CWE-927 : Use of Implicit Intent for Sensitive Communication

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References