Remote Code Execution Vulnerability in Samsung Gallery App for Mobile Devices
CVE-2018-9141

7.8HIGH

Key Information:

Vendor: Samsung
Status: Samsung Mobile
Vendor: CVE Published:; 30 March 2018

What is CVE-2018-9141?

The Samsung Gallery app on certain mobile devices is susceptible to a remote code execution vulnerability. This flaw allows attackers to exploit the app by sending a specifically crafted BMP file with an altered resolution. When the affected devices process this malicious file, it could lead to the execution of arbitrary code, potentially compromising device security and user data.

References

https://security.samsungmobile.com/securityUpdate.smsb

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 30, 2018
Vulnerability Reserved
Mar 30, 2018