14.0

CVSS 3.3 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

local

low complexity

samsung

CWE-863

NVD

Published: 2024-09-04

Updated: 2024-09-05

Summary

Incorrect authorization in kperfmon prior to SMR Sep-2024 Release 1 allows local attackers to access information related to performance including app usage.

Vulnerable Configurations

Part	Description	Count
OS	Samsung Samsung Android 12.0 Samsung Android 13.0 Samsung Android 14.0	105

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=09