Galaxy S24 Vulnerability Poses Risk of Unauthorized File Access
gbhackersA security flaw in Samsung’s Quick Share feature for the Galaxy S24 series has been disclosed, enabling attackers to create arbitrary files on vulnerable devices.
Tracked as CVE-2024-49421, the vulnerability highlights risks in the popular file-sharing tool preinstalled on Samsung’s flagship smartphones.
Vulnerability Overview
The flaw, discovered by researcher Ken Gannon of NCC Group, stems from improper path validation in the Quick Share application.
Attackers with network proximity can exploit this directory traversal weakness to write files to unintended locations on the device.
The vulnerability received a CVSS score of 5.9, categorized as medium severity due to its requirement for attacker proximity and user interaction.
| Field | Details |
| Vulnerability Name | Samsung Galaxy S24 Quick Share Directory Traversal Arbitrary File Write |
| CVE ID | CVE-2024-49421 |
| CVSS Score | 5.9 (Medium) |
Key Details:
- Affected Devices: Samsung Galaxy S24 series (pre-patch versions).
- Risk: Unauthorized file creation in user-accessible directories.
- Mitigation: Samsung released ...
Copyright of this story solely belongs to gbhackers . To see the full text click HERE