CVE-2024-49405

Improper authentication in Private Info in Samsung Pass in prior to version 4.4.04.7 allows physical attackers to access sensitive information in a specific scenario.
Configurations

Configuration 1 (hide)

cpe:2.3:a:samsung:pass:*:*:*:*:*:*:*:*

History

13 Nov 2024, 00:54

Type Values Removed Values Added
References () https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=11 - () https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=11 - Vendor Advisory
CWE NVD-CWE-noinfo
First Time Samsung
Samsung pass
CVSS v2 : unknown
v3 : 5.3
v2 : unknown
v3 : 4.6
CPE cpe:2.3:a:samsung:pass:*:*:*:*:*:*:*:*

06 Nov 2024, 18:17

Type Values Removed Values Added
Summary
  • (es) La autenticación incorrecta en información privada en Samsung Pass en versiones anteriores a 4.4.04.7 permite a atacantes físicos acceder a información confidencial en un escenario específico.

06 Nov 2024, 03:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-06 03:15

Updated : 2024-11-13 00:54


NVD link : CVE-2024-49405

Mitre link : CVE-2024-49405

CVE.ORG link : CVE-2024-49405


JSON object : View

Products Affected

samsung

  • pass