Privilege Escalation Vulnerability in Samsung Magician for macOS
CVE-2024-31953

6.7MEDIUM

Key Information:

Vendor: Samsung
Status: Magician
Vendor: CVE Published:; 14 May 2024

What is CVE-2024-31953?

A vulnerability has been identified within Samsung Magician 8.0.0 running on macOS, allowing for potential privilege escalation through manipulation of directory and executable files during the installation process. If an attacker already possesses user privileges, they can execute arbitrary code, provided that an administrator password is supplied during installation. This security issue poses risks to user data and overall system integrity, highlighting the importance of maintaining secure installation practices and software updates.

References

https://semiconductor.samsung.com/support/quality-support...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2024