Samsung Notes vulnerability allows remote attackers to execute arbitrary code
CVE-2024-34657

9.8CRITICAL

Key Information:

Vendor: Samsung
Status: Samsung Notes
Vendor: CVE Published:; 4 September 2024

What is CVE-2024-34657?

A stack-based out-of-bounds write vulnerability exists in Samsung Notes versions prior to 4.4.21.62, which can be exploited by remote attackers to execute arbitrary code on affected devices. This issue underscores significant security implications, highlighting the necessity for users to update their applications to mitigate the risk.

Affected Version(s)

Samsung Notes 4.4.21.62

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 4, 2024
Vulnerability Reserved
May 7, 2024