CVE-2024-34671

Use of implicit intent for sensitive communication in translation혻in Samsung Internet prior to version 26.0.3.1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.

CVSS v3 3.3 LOW

3.3^/10

CVSS v3 : LOW

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=10	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:samsung:internet:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-10-08 07:15

Updated : 2025-12-06 00:51

NVD link : CVE-2024-34671

Mitre link : CVE-2024-34671

CVE.ORG link : CVE-2024-34671

JSON object : View

Products Affected

samsung

internet

CWE

NVD-CWE-Other

{"id": "CVE-2024-34671", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "mobile.security@samsung.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-10-08T07:15:05.640", "references": [{"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=10", "tags": ["Vendor Advisory"], "source": "mobile.security@samsung.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Use of implicit intent for sensitive communication in translation\ud63bin Samsung Internet prior to version 26.0.3.1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability."}, {"lang": "es", "value": "El uso de la intenci\u00f3n impl\u00edcita de obtener comunicaciones confidenciales en translation?in Samsung Internet anterior a la versi\u00f3n 26.0.3.1 permite a atacantes locales obtener informaci\u00f3n confidencial. Se requiere la interacci\u00f3n del usuario para activar esta vulnerabilidad."}], "lastModified": "2025-12-06T00:51:49.103", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:samsung:internet:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D41D18F2-97E5-43AC-89A0-4F3B847314E9", "versionEndExcluding": "26.0.3.1"}], "operator": "OR"}]}], "sourceIdentifier": "mobile.security@samsung.com"}