#VU85081 Improper Authentication in Samsung Mobile Firmware - CVE-2024-20803
Published: January 8, 2024
Vulnerability identifier: #VU85081
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2024-20803
CWE-ID: CWE-287
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Samsung Mobile Firmware
Samsung Mobile Firmware
Software vendor:
Samsung
Samsung
Description
The vulnerability allows an attacker to bypass authentication process.
The vulnerability exists due to an error in Bluetooth pairing process. An attacker with physical proximity to device can establish pairing process without user interaction.
Remediation
Install updates from vendor's website.