Platform
android
Component
samsung-internet
Fixed in
25.0.0.41
CVE-2024-20869 describes an improper privilege management vulnerability discovered in Samsung Internet. This flaw allows local attackers to bypass protection mechanisms designed to safeguard cookies, potentially enabling unauthorized access to sensitive data. The vulnerability impacts versions of Samsung Internet prior to 25.0.0.41, and a patch is available in version 25.0.0.41.
The core of this vulnerability lies in the improper handling of privileges within Samsung Internet. An attacker with local access to a device running a vulnerable version can exploit this flaw to bypass cookie protection. This means they could potentially access cookies belonging to other applications or websites, leading to session hijacking, unauthorized data access, and other malicious activities. While the vulnerability requires local access, the potential impact is significant, as cookies often contain authentication tokens and other sensitive information. The attacker could potentially gain control of user accounts or access confidential data stored within the browser.
CVE-2024-20869 was publicly disclosed on May 7, 2024. There is currently no indication of active exploitation or a corresponding entry on the CISA KEV catalog. Public proof-of-concept code is not yet available, but the relatively straightforward nature of privilege bypass vulnerabilities suggests that a PoC may emerge in the near future. The EPSS score is likely to be assessed as low to medium, given the requirement for local access.
Exploit Status
EPSS
0.02% (5% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-20869 is to immediately upgrade Samsung Internet to version 25.0.0.41 or later. If upgrading is not immediately feasible due to compatibility issues or testing requirements, consider implementing stricter cookie policies within the application. This might involve limiting the scope of cookies or implementing additional authentication checks. While not a direct fix, these measures can help reduce the potential impact of the vulnerability. After upgrading, verify the fix by attempting to access cookies from a different application or website – the access should be denied.
Actualice Samsung Internet a la versión 25.0.0.41 o posterior. Puede actualizar la aplicación a través de la tienda de aplicaciones de Samsung o Google Play Store. Esto solucionará la vulnerabilidad de gestión de privilegios.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-20869 is a medium-severity vulnerability in Samsung Internet that allows local attackers to bypass cookie protection, potentially leading to unauthorized access to sensitive data.
You are affected if you are using Samsung Internet version 24.0.0.40 or earlier. Upgrade to version 25.0.0.41 to mitigate the risk.
The fix is to upgrade Samsung Internet to version 25.0.0.41 or later. If immediate upgrade is not possible, consider stricter cookie policies.
There is currently no evidence of active exploitation, but a proof-of-concept may emerge in the future.
Refer to the official Samsung Security Advisories page for details: https://security.samsung.com/
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your build.gradle file and we'll tell you instantly if you're affected.