← Back to CVE List

CVE-2018-10502

Published: 2018-09-24T23:29Z
Last Modified: 2024-11-21T03:41Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 4.2.18.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of a staging mode. The issue lies in the ability to change the configuration based on the presence of a file in an user-controlled location. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5359. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt