An issue was discovered in Samsung Magician 8.0.0 on macOS. Because symlinks are used during the installation process, an attacker can escalate privileges via arbitrary file permission writes. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.)
References
Configurations
Configuration 1 (hide)
AND |
|
History
03 Jun 2025, 16:34
Type | Values Removed | Values Added |
---|---|---|
First Time |
Samsung
Apple macos Samsung magician Apple |
|
CPE | cpe:2.3:a:samsung:magician:8.0.0:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* |
|
References | () https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-31952/ - Vendor Advisory |
21 Nov 2024, 09:14
Type | Values Removed | Values Added |
---|---|---|
References | () https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-31952/ - |
06 Sep 2024, 19:35
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CWE | CWE-59 |
14 May 2024, 15:26
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-05-14 15:26
Updated : 2025-06-03 16:34
NVD link : CVE-2024-31952
Mitre link : CVE-2024-31952
CVE.ORG link : CVE-2024-31952
JSON object : View
Products Affected
apple
- macos
samsung
- magician
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')