CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-23769
https://notcve.org/view.php?id=CVE-2024-23769
Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 (for Windows) allows a local attacker to read privileged data. El control de privilegios inadecuado para la canalización con nombre en Samsung Magician PC Software 8.0.0 (para Windows) permite a un atacante local leer datos privilegiados. • https://semiconductor.samsung.com/support/quality-support/product-security-updates •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3218
https://notcve.org/view.php?id=CVE-2017-3218
Samsung Magician 5.0 fails to validate TLS certificates for HTTPS software update traffic. Prior to version 5.0, Samsung Magician uses HTTP for software updates. Samsung Magician 5.0 no valida certificados TLS para el tráfico de actualización de software HTTPS. En versiones anteriores a la 5.0, Samsung Magician emplea HTTP para las actualizaciones de software. • http://www.securityfocus.com/bid/99081 https://www.kb.cert.org/vuls/id/846320 • CWE-295: Improper Certificate Validation CWE-311: Missing Encryption of Sensitive Data CWE-345: Insufficient Verification of Data Authenticity •