14.0

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

samsung

CWE-787

NVD

Published: 2024-10-08

Updated: 2024-10-30

Summary

Out-of-bounds write in parsing h.265 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.

Vulnerable Configurations

Part	Description	Count
OS	Samsung Samsung Android 12.0 Samsung Android 13.0 Samsung Android 14.0	108

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=10