CVE-2024-20870

Summary

Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.71.8 allows local attackers to write arbitrary files with the privilege of Galaxy Store.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileGalaxy Store4.5.71.8unaffected

Weaknesses

  • CWE-925 : Improper Verification of Intent by Broadcast Receiver

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References