DLL Hijacking Vulnerability in Samsung Magician Software
CVE-2025-57836
7.8HIGH
What is CVE-2025-57836?
A significant vulnerability exists in Samsung Magician versions 6.3.0 through 8.3.2, where the installer assigns insecure permissions to a temporary installation folder. This misconfiguration permits non-administrator users to exploit the system via DLL hijacking, potentially leading to unauthorized privilege escalation. Such vulnerabilities can compromise system integrity and expose sensitive data, making it crucial for users to assess their vulnerability patching strategies.
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved