3.9.10.11

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

samsung

NVD

Published: 2021-07-08

Updated: 2022-07-25

Summary

Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause local file inclusion in webview.

Vulnerable Configurations

Part	Description	Count
Application	Samsung Samsung Members - Samsung Members 2.4.81.13 Samsung Members 3.9.10.11	3
OS	Google Google Android *	1

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7