CVE-2024-49421: Path traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14 allows adjacent...

4.3 CVSS

Description

Path traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14 allows adjacent attackers to write file in arbitrary location.

Classification

CVE ID: CVE-2024-49421

CVSS Base Severity: MEDIUM

CVSS Base Score: 4.3

Affected Products

Vendor: Samsung Mobile

Product: Quick Share Agent

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.44% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=12

Timeline

2024-12-04 00:11:37 UTC
CVE

Path traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14 allows adjacent...