Untrusted Modification of Transactions Possible in Pre-1.3.16 Versions of Blockchain Keystore

CVE-2024-49406
4.4MEDIUM

Key Information

Vendor
Samsung
Status
Blockchain Keystore
Vendor
CVE Published:
6 November 2024

Summary

Improper validation of integrity check value in Blockchain Keystore prior to version 1.3.16 allows local attackers to modify transaction. Root privilege is required for triggering this vulnerability.

Affected Version(s)

Blockchain Keystore <= 1.3.16

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre Database
.