Vulnerabilities > CVE-2024-20828 - Incorrect Authorization vulnerability in Samsung Internet

047910
CVSS 4.6 - MEDIUM
Attack vector
PHYSICAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
low complexity
samsung
CWE-863
NVD
Published: 2024-02-06
Updated: 2024-02-13

Summary

Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication.

Vulnerable Configurations

Part Description Count
Application
Samsung
6

Common Weakness Enumeration (CWE)

References