| CVE ID | |
| CVSS SCORE | 4.6, AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |
| AFFECTED VENDORS |
Samsung |
| AFFECTED PRODUCTS |
Galaxy S21 |
| VULNERABILITY DETAILS |
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Samsung Galaxy S21 phones. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the handling of errors when accessing trusted URLs. An attacker can force a page redirection from HTTPS to HTTP. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. |
| ADDITIONAL DETAILS |
The patch was applied in server side on November 30th, 2021 |
| DISCLOSURE TIMELINE |
|
| CREDIT | TBD |
