CVE-2024-49420
Samsung Galaxy S24 Gaming Hub Exposed Dangerous Method Local Privilege Escalation Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Improper handling of responses in GamingHub prior to version 6.1.04.6 in Korea, 7.1.03.7 in Global allows remote attackers to launch arbitrary activity.
El manejo inadecuado de respuestas en GamingHub anterior a la versiĆ³n 6.1.04.6 en Corea, 7.1.03.7 en Global permite a atacantes remotos iniciar actividad arbitraria.
This vulnerability allows local attackers to escalate privileges on affected installations of Samsung Galaxy S24. An attacker must first obtain the ability to execute low-privileged script on the target system in order to exploit this vulnerability.
The specific flaw exists within the Gaming Hub application. The issue results from an exposed dangerous method. An attacker can leverage this vulnerability to escalate privileges and perform actions in the context of the user.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2024-10-15 CVE Reserved
- 2024-12-03 CVE Published
- 2025-04-09 CVE Updated
- 2025-05-13 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Samsung Mobile Search vendor "Samsung Mobile" | Gaming Hub Search vendor "Samsung Mobile" for product "Gaming Hub" | * | - |
Affected
| ||||||