CVE-2024-49421

Summary

Path traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14 allows adjacent attackers to write file in arbitrary location.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileQuick Share Agent3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14unaffected

Weaknesses

  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References