Privilege Escalation in Samsung SyncThru Web Service
CVE-2021-35309

7.5HIGH

Key Information:

Vendor: Samsung
Status: Syncthru Web Service
Vendor: CVE Published:; 22 August 2023

Summary

An issue identified in Samsung SyncThru Web Service SPL 5.93 permits attackers to exploit man-in-the-middle (MITM) attacks, leading to escalated privileges. This flaw can enable unauthorized access to sensitive functionalities, thereby compromising system integrity and user data.

References

https://security.samsungmobile.com/securityUpdate.smsb

https://github.com/mustafa-turgut/cve-subscriptions/tree/...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 22, 2023
Vulnerability Reserved
Jun 23, 2021