CVE-2024-20807

EUVD-2024-18522
Implicit intent hijacking vulnerability in Samsung Email prior to version 6.1.90.16 allows local attacker to get sensitive information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.3 LOW
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
SamsungMobileCNA
3.3 LOW
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
samsungemail
𝑥
< 6.1.90.16
𝑥
= Vulnerable software versions
References
https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=01
https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=01