CVE-2024-27362 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.4 MEDIUM	LOCAL	LOW	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
mitre	CNA	4.4 MEDIUM	LOCAL	LOW	HIGH	CVSS:3.1/AC:L/AV:L/A:N/C:H/I:N/PR:H/S:U/UI:N
CISA-ADP	ADP	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 29%

Vendor	Product	Version
samsung	exynos_1280_firmware	-
samsung	exynos_2200_firmware	-
samsung	exynos_1330_firmware	-
samsung	exynos_1380_firmware	-
samsung	exynos_2400_firmware	-

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-1284 - Improper Validation of Specified Quantity in Input
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.
CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References

https://semiconductor.samsung.com/support/quality-support/product-security-updates/

https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-27362/

https://semiconductor.samsung.com/support/quality-support/product-security-updates/

https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-27362/