// For flags

CVE-2018-16272

 

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The wpa_supplicant system service in Samsung Galaxy Gear series allows an unprivileged process to fully control the Wi-Fi interface, due to the lack of its D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.

El servicio de sistema wpa_supplicant en la serie Samsung Galaxy Gear, permite a un proceso no privilegiado controlar completamente la interfaz Wi-Fi, debido a la falta de sus configuraciones de polĂ­tica de seguridad D-Bus. Esto afecta a los firmwares que se basan ??en Tizen, incluyendo la serie Samsung Galaxy Gear versiones anteriores al build RE2.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-08-31 CVE Reserved
  • 2020-01-22 CVE Published
  • 2024-08-05 CVE Updated
  • 2024-08-05 First Exploit
  • 2024-09-06 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-269: Improper Privilege Management
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Samsung
Search vendor "Samsung"
Galaxy Gear Firmware
Search vendor "Samsung" for product "Galaxy Gear Firmware"
< re2
Search vendor "Samsung" for product "Galaxy Gear Firmware" and version " < re2"
-
Affected
in Samsung
Search vendor "Samsung"
Galaxy Gear
Search vendor "Samsung" for product "Galaxy Gear"
--
Safe
Samsung
Search vendor "Samsung"
Gear 2 Firmware
Search vendor "Samsung" for product "Gear 2 Firmware"
< re2
Search vendor "Samsung" for product "Gear 2 Firmware" and version " < re2"
-
Affected
in Samsung
Search vendor "Samsung"
Gear 2
Search vendor "Samsung" for product "Gear 2"
--
Safe
Samsung
Search vendor "Samsung"
Gear Live Firmware
Search vendor "Samsung" for product "Gear Live Firmware"
< re2
Search vendor "Samsung" for product "Gear Live Firmware" and version " < re2"
-
Affected
in Samsung
Search vendor "Samsung"
Gear Live
Search vendor "Samsung" for product "Gear Live"
--
Safe
Samsung
Search vendor "Samsung"
Gear S Firmware
Search vendor "Samsung" for product "Gear S Firmware"
< re2
Search vendor "Samsung" for product "Gear S Firmware" and version " < re2"
-
Affected
in Samsung
Search vendor "Samsung"
Gear S
Search vendor "Samsung" for product "Gear S"
--
Safe
Samsung
Search vendor "Samsung"
Gear S2 Firmware
Search vendor "Samsung" for product "Gear S2 Firmware"
< re2
Search vendor "Samsung" for product "Gear S2 Firmware" and version " < re2"
-
Affected
in Samsung
Search vendor "Samsung"
Gear S2
Search vendor "Samsung" for product "Gear S2"
--
Safe
Samsung
Search vendor "Samsung"
Gear S3 Firmware
Search vendor "Samsung" for product "Gear S3 Firmware"
< re2
Search vendor "Samsung" for product "Gear S3 Firmware" and version " < re2"
-
Affected
in Samsung
Search vendor "Samsung"
Gear S3
Search vendor "Samsung" for product "Gear S3"
--
Safe
Samsung
Search vendor "Samsung"
Gear Sport Firmware
Search vendor "Samsung" for product "Gear Sport Firmware"
< re2
Search vendor "Samsung" for product "Gear Sport Firmware" and version " < re2"
-
Affected
in Samsung
Search vendor "Samsung"
Gear Sport
Search vendor "Samsung" for product "Gear Sport"
--
Safe
Samsung
Search vendor "Samsung"
Gear Fit Firmware
Search vendor "Samsung" for product "Gear Fit Firmware"
< re2
Search vendor "Samsung" for product "Gear Fit Firmware" and version " < re2"
-
Affected
in Samsung
Search vendor "Samsung"
Gear Fit
Search vendor "Samsung" for product "Gear Fit"
--
Safe
Samsung
Search vendor "Samsung"
Gear Fit 2 Firmware
Search vendor "Samsung" for product "Gear Fit 2 Firmware"
< re2
Search vendor "Samsung" for product "Gear Fit 2 Firmware" and version " < re2"
-
Affected
in Samsung
Search vendor "Samsung"
Gear Fit 2
Search vendor "Samsung" for product "Gear Fit 2"
--
Safe
Samsung
Search vendor "Samsung"
Gear Fit 2 Pro Firmware
Search vendor "Samsung" for product "Gear Fit 2 Pro Firmware"
< re2
Search vendor "Samsung" for product "Gear Fit 2 Pro Firmware" and version " < re2"
-
Affected
in Samsung
Search vendor "Samsung"
Gear Fit 2 Pro
Search vendor "Samsung" for product "Gear Fit 2 Pro"
--
Safe