Improper Access Control in Samsung Voice Recorder for Android Devices
CVE-2024-20840
5.7MEDIUM
Summary
A significant vulnerability exists in Samsung Voice Recorder that allows unauthorized physical access when the device is locked. This issue affects various versions of the application across Android 12, 13, and 14, enabling an attacker with physical access and a keyboard to exploit the application on the lock screen. Users are encouraged to update to the latest versions to ensure their devices are protected against potential security risks associated with this vulnerability.
Affected Version(s)
Samsung Voice Recorder 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14
References
CVSS V3.1
Score:
5.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Physical
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved