CVE-2024-34672

Published: Oct 8, 2024Modified: Jan 8, 2026

3.3

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 1.8 / Impact: 1.4

Source: NVD

Description

Improper input validation in SamsungVideoPlayer prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows local attackers to access video file of other users.

Affected (3)

Products: Samsung: Video Player

Samsung

1 product

Video Player

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Samsung Video Player	Before 7.3.29.1

Running on/with	Platform Versions
Samsung Android	Version 12.0

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Samsung Video Player	Before 7.3.36.1

Running on/with	Platform Versions
Samsung Android	Version 13.0

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Samsung Video Player	Before 7.3.41.230

Running on/with	Platform Versions
Samsung Android	Version 14.0

References (1)

https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=10

Source: mobile.security@samsung.com

Vendor Advisory

Timeline

No history available yet.