CVE-2024-20810: Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows local attackers to get sensitive information.
3.3
CVSS
Description
Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows local attackers to get sensitive information.
Classification
CVE ID: CVE-2024-20810
CVSS Base Severity: LOW
CVSS Base Score: 3.3
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Problem Types
CWE-927: Use of Implicit Intent for Sensitive CommunicationAffected Products
Vendor: Samsung Mobile
Product: Samsung Mobile Devices
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.05% (probability of being exploited)
EPSS Percentile: 15.15% (scored less or equal to compared to others)
EPSS Date: 2025-05-23 (when was this score calculated)
Stakeholder-Specific Vulnerability Categorization (SSVC)
SSVC Exploitation: none
SSVC Technical Impact: partial
SSVC Automatable: false
References
https://nvd.nist.gov/vuln/detail/CVE-2024-20810https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=02