Remote Attackers Can Launch Arbitrary Activity in GamingHub Prior to Version 6.1.04.6 in Korea
CVE-2024-49420

7.5HIGH

Key Information:

Vendor: Samsung
Status: Gaminghub
Vendor: CVE Published:; 3 December 2024

What is CVE-2024-49420?

A vulnerability exists in Samsung's GamingHub that relates to improper handling of responses, which can be exploited by remote attackers. Versions of GamingHub prior to 6.1.04.6 in Korea and 7.1.03.7 in Global are particularly affected. This flaw allows unauthorized parties to potentially execute arbitrary activities through manipulated responses, posing a significant risk to users and networks utilizing this gaming platform.

Affected Version(s)

GamingHub 6.1.04.6 in Korea, 7.1.03.7 in Global

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 3, 2024
Vulnerability Reserved
Oct 15, 2024