Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-04 | CVE-2024-34637 | Unspecified vulnerability in Samsung Android 12.0/13.0/14.0 Improper access control in WindowManagerService prior to SMR Sep-2024 Release 1 in Android 12, and SMR Jun-2024 Release 1 in Android 13 and Android 14 allows local attackers to bypass restrictions on starting services from the background. | 5.5 |
| 2024-09-04 | CVE-2024-34639 | Improper Handling of Exceptional Conditions vulnerability in Samsung Android 12.0/13.0/14.0 Improper handling of exceptional conditions in Setupwizard prior to SMR Aug-2024 Release 1 allows physical attackers to bypass proper validation. | 4.6 |
| 2024-09-04 | CVE-2024-34642 | Incorrect Authorization vulnerability in Samsung Android 12.0/13.0/14.0 Improper authorization in One UI Home prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access sensitive information. | 4.6 |
| 2024-09-04 | CVE-2024-34643 | Unspecified vulnerability in Samsung Android 14.0 Improper access control in key input related function in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. | 5.5 |
| 2024-09-04 | CVE-2024-34644 | Unspecified vulnerability in Samsung Android 14.0 Improper access control in item selection related in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. | 5.5 |
| 2024-09-04 | CVE-2024-34645 | Unspecified vulnerability in Samsung Android 12.0/13.0 Improper input validation in ThemeCenter prior to SMR Sep-2024 Release 1 allows physical attackers to install privileged applications. low complexity samsung | 4.6 |
| 2024-09-04 | CVE-2024-34646 | Unspecified vulnerability in Samsung Android 12.0/13.0/14.0 Improper access control in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to cause local permanent denial of service. | 5.5 |
| 2024-09-04 | CVE-2024-34647 | Unspecified vulnerability in Samsung Android 12.0/13.0/14.0 Incorrect use of privileged API in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to knox without proper license. | 5.5 |
| 2024-09-04 | CVE-2024-34648 | Incorrect Default Permissions vulnerability in Samsung Android 12.0/13.0/14.0 Improper Handling of Insufficient Permissions in KnoxMiscPolicy prior to SMR Sep-2024 Release 1 allows local attackers to access sensitive data. | 5.5 |
| 2024-09-04 | CVE-2024-34651 | Incorrect Authorization vulnerability in Samsung Android 12.0/13.0/14.0 Improper authorization in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access restricted data in My Files. | 5.5 |