CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20135
https://notcve.org/view.php?id=CVE-2018-20135
Samsung Galaxy Apps before 4.4.01.7 allows modification of the hostname used for load balancing on installations of applications through a man-in-the-middle attack. An attacker may trick Galaxy Apps into using an arbitrary hostname for which the attacker can provide a valid SSL certificate, and emulate the API of the app store to modify existing apps at installation time. The specific flaw involves an HTTP method to obtain the load-balanced hostname that enforces SSL only after obtaining a hostname from the load balancer, and a missing app signature validation in the application XML. An attacker can exploit this vulnerability to achieve Remote Code Execution on the device. The Samsung ID is SVE-2018-12071. • https://security.samsungmobile.com/securityUpdate.smsb https://www.adyta.pt/en/2019/01/29/writeup-samsung-app-store-rce-via-mitm-2 • CWE-295: Improper Certificate Validation •
CVSS: 4.2EPSS: 0%CPEs: 16EXPL: 0CVE-2019-12762
https://notcve.org/view.php?id=CVE-2019-12762
Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch. Los dispositivos Xiaomi Mi 5s Plus permiten a los atacantes desencadenar anomalías de la pantalla táctil a través de una señal de radio entre 198 kHz y 203 kHz, como lo demuestra un transmisor y una antena ocultos justo debajo de la superficie de una mesa de cafetería, también conocida como Ghost Touch. • https://hackercombat.com/nfc-vulnerability-may-promote-ghost-screen-taps https://medium.com/%40juliodellaflora/ghost-touch-on-xiaomi-mi5s-plus-707998308607 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-6744 – Samsung Knox Secure Folder Lock Screen Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-6744
This vulnerability allows local attackers to disclose sensitive information on affected installations of Samsung Knox 1.2.02.39 on Samsung Galaxy S9 build G9600ZHS3ARL1 Secure Folder. An attacker must first obtain physical access to the device in order to exploit this vulnerability. The specific flaws exists within the the handling of the lock screen for Secure Folder. The issue results from the lack of proper validation that a user has correctly authenticated. An attacker can leverage this vulnerability to disclose the contents of the secure container. • https://security.samsungmobile.com/securityUpdate.smsb https://www.zerodayinitiative.com/advisories/ZDI-19-515 • CWE-284: Improper Access Control CWE-287: Improper Authentication •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-12315
https://notcve.org/view.php?id=CVE-2019-12315
Samsung SCX-824 printers allow a reflected Cross-Site-Scripting (XSS) vulnerability that can be triggered by using the "print from file" feature, as demonstrated by the sws/swsAlert.sws?popupid=successMsg msg parameter. Las impresoras SCX-824 de Samsung, permiten una vulnerabilidad de tipo Cross-Site-Scripting (XSS) reflejada que puede ser activada al utilizar la función "print from file", como lo demuestra el parámetro sws/swsAlert.sws?popupid=successMsg msg. • https://gist.github.com/med0x2e/2715d32602ba688ea3bc239a3d5f8214 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2019-12087
https://notcve.org/view.php?id=CVE-2019-12087
Samsung S9+, S10, and XCover 4 P(9.0) devices can become temporarily inoperable because of an unprotected intent in the ContainerAgent application. For example, the victim becomes stuck in a launcher with their Secure Folder locked. NOTE: the researcher mentions "the Samsung Security Team considered this issue as no/little security impact. ** EN DISPUTA ** Los dispositivos Samsung S9+, S10 y XCover 4 P(9.0) pueden quedar temporalmente inutilizados debido a un intent desprotegido en la aplicación ContainerAgent. Por ejemplo, la víctima queda atrapada en un lanzador con su Carpeta Segura bloqueada. NOTA: el investigador menciona que "el equipo de seguridad de Samsung consideró que este asunto no tenía ningún impacto en la seguridad". • https://github.com/fs0c131y/SamsungLocker • CWE-399: Resource Management Errors •