Vulnerabilities > CVE-2024-20840 - Unspecified vulnerability in Samsung Voice Recorder

CVSS 2.4 - LOW

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

LOW

low complexity

samsung

NVD

Published: 2024-03-05

Updated: 2025-02-14

Summary

Improper access control in Samsung Voice Recorder prior to versions 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14 allows physical attackers using hardware keyboard to use VoiceRecorder on the lock screen.

Vulnerable Configurations

Part	Description	Count
Application	Samsung Samsung Voice Recorder -	1
OS	Google Google Android 12.0 Google Android 13.0 Google Android 14.0	3

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=03
https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=03