Man-in-the-Middle Vulnerability in Samsung Account by Samsung
CVE-2015-0864

8HIGH

Key Information:

Vendor: Samsung
Status: Galaxy App; Samsung Account App
Vendor: CVE Published:; 27 March 2017

Summary

A vulnerability in Samsung Account allows man-in-the-middle attackers to intercept sensitive data during transmission. This flaw can lead to unauthorized access to confidential information and the ability to execute arbitrary code on the affected devices, posing significant security risks to users. The issue is present in versions prior to 1.6.0069 and 2.1.0069, making it essential for users to update their applications to mitigate potential threats.

References

http://www.securityfocus.com/bid/97207

vdb-entryx_refsource_BID

https://www.nowsecure.com/blog/2015/01/26/samsung-account...

x_refsource_MISC

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 27, 2017
Vulnerability Reserved
Jan 7, 2015