14.0

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

samsung

NVD

Published: 2024-07-02

Updated: 2024-07-02

Summary

Improper input validation in parsing and distributing RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.

Vulnerable Configurations

Part	Description	Count
OS	Samsung Samsung Android 12.0 Samsung Android 13.0 Samsung Android 14.0	76

References

https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=07