Details of VAR-201411-0528

ID

VAR-201411-0528

TITLE

Variety of Samsung Galaxy devices KNOX arbitrary code execution vulnerability

Trust: 0.6

sources: CNVD: CNVD-2014-08404

DESCRIPTION

Samsung Galaxy Device is a series of smart mobile devices released by South Korea's Samsung. A code execution vulnerability exists in several Samsung Galaxy devices. An attacker could use this vulnerability to execute arbitrary code in the context of an affected device

Trust: 1.35

sources: CNVD: CNVD-2014-08404 // CNNVD: CNNVD-201411-459 // BID: 71148

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2014-08404

AFFECTED PRODUCTS

vendor:

samsung

model:

knox

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2014-08404

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2014-08404
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2014-08404
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2014-08404

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201411-459

TYPE

code injection

Trust: 0.6

sources: CNNVD: CNNVD-201411-459

EXTERNAL IDS

db:	BID	id:	71148	Trust: 1.5
db:	CNVD	id:	CNVD-2014-08404	Trust: 0.6
db:	CNNVD	id:	CNNVD-201411-459	Trust: 0.6

sources: CNVD: CNVD-2014-08404 // BID: 71148 // CNNVD: CNNVD-201411-459

REFERENCES

url:	http://www.securityfocus.com/bid/71148	Trust: 1.2
url:	http://www.samsung.com/	Trust: 0.3

sources: CNVD: CNVD-2014-08404 // BID: 71148 // CNNVD: CNNVD-201411-459

CREDITS

Andre Moulu

Trust: 0.9

sources: BID: 71148 // CNNVD: CNNVD-201411-459

SOURCES

db:	CNVD	id:	CNVD-2014-08404
db:	BID	id:	71148
db:	CNNVD	id:	CNNVD-201411-459

LAST UPDATE DATE

2022-05-17T01:55:54.515000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-08404	date:	2014-11-20T00:00:00
db:	BID	id:	71148	date:	2014-11-18T00:00:00
db:	CNNVD	id:	CNNVD-201411-459	date:	2014-11-25T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2014-08404	date:	2014-11-20T00:00:00
db:	BID	id:	71148	date:	2014-11-18T00:00:00
db:	CNNVD	id:	CNNVD-201411-459	date:	2014-11-25T00:00:00