CVE-2018-10500 (GCVE-0-2018-10500)

Vulnerability from cvelistv5 – Published: 2018-09-24 23:00 – Updated: 2024-08-05 07:39
VLAI?
Summary
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of push messages. The issue lies in the ability to start an activity with controlled arguments. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5331.
Severity ?
No CVSS data available.
CWE
  • CWE-284 - Improper Access Control
Assigner
zdi
References
Impacted products
Vendor Product Version
Samsung Samsung Galaxy Apps Affected: Fixed in version 6.4.0.15
Create a notification for this product.
Date Public ?
2018-06-07 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:39:07.919Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://zerodayinitiative.com/advisories/ZDI-18-559"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Samsung Galaxy Apps",
          "vendor": "Samsung",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in version 6.4.0.15"
            }
          ]
        }
      ],
      "datePublic": "2018-06-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of push messages. The issue lies in the ability to start an activity with controlled arguments. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5331."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284-Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-09-24T22:57:01.000Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://zerodayinitiative.com/advisories/ZDI-18-559"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "zdi-disclosures@trendmicro.com",
          "ID": "CVE-2018-10500",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Samsung Galaxy Apps",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Fixed in version 6.4.0.15"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Samsung"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of push messages. The issue lies in the ability to start an activity with controlled arguments. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5331."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284-Improper Access Control"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://zerodayinitiative.com/advisories/ZDI-18-559",
              "refsource": "MISC",
              "url": "https://zerodayinitiative.com/advisories/ZDI-18-559"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2018-10500",
    "datePublished": "2018-09-24T23:00:00.000Z",
    "dateReserved": "2018-04-27T00:00:00.000Z",
    "dateUpdated": "2024-08-05T07:39:07.919Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2018-10500",
      "date": "2026-05-20",
      "epss": "0.00046",
      "percentile": "0.14371"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-10500\",\"sourceIdentifier\":\"zdi-disclosures@trendmicro.com\",\"published\":\"2018-09-24T23:29:00.837\",\"lastModified\":\"2024-11-21T03:41:26.790\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of push messages. The issue lies in the ability to start an activity with controlled arguments. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5331.\"},{\"lang\":\"es\",\"value\":\"Esta vulnerabilidad permite que los atacantes locales escalen privilegios en instalaciones vulnerables de Samsung Galaxy Apps, solucionado en la versi\u00f3n 6.4.0.15. En primer lugar, un atacante debe obtener la capacidad de ejecutar c\u00f3digo de bajos privilegios en el sistema objetivo para explotar esta vulnerabilidad. Este error en concreto existe en el manejo de mensajes push. El problema radica en la capacidad de comenzar una actividad con argumentos controlados. Un atacante puede aprovechar esta vulnerabilidad para escalar privilegios a recursos que suelen estar protegidos de la aplicaci\u00f3n. Anteriormente era ZDI-CAN-5331.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":4.4,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"zdi-disclosures@trendmicro.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:samsung:galaxy_apps:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.4.0.15\",\"matchCriteriaId\":\"66CEF2B1-5A1E-433C-B880-1EED01CA145F\"}]}]}],\"references\":[{\"url\":\"https://zerodayinitiative.com/advisories/ZDI-18-559\",\"source\":\"zdi-disclosures@trendmicro.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://zerodayinitiative.com/advisories/ZDI-18-559\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.