VAR-201809-0085
Vulnerability from variot - Updated: 2024-11-23 22:48This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of ZIP files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5358. Samsung Notes Contains vulnerabilities related to authorization, permissions, and access control. Zero Day Initiative Is vulnerable to this vulnerability ZDI-CAN-5358 Was numbered.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungNotes is a Notes series of smartphone products from South Korea's Samsung
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "notes",
"scope": "lt",
"trust": 1.8,
"vendor": "samsung",
"version": "2.0.02.31"
},
{
"_id": null,
"model": "notes",
"scope": null,
"trust": 1.3,
"vendor": "samsung",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-561"
},
{
"db": "CNVD",
"id": "CNVD-2018-20054"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011827"
},
{
"db": "NVD",
"id": "CVE-2018-10501"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:samsung:notes",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011827"
}
]
},
"credits": {
"_id": null,
"data": "MWR Labs - Alex Plaskett James Loureiro Robert Miller and Georgi Geshev",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-561"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-942"
}
],
"trust": 1.3
},
"cve": "CVE-2018-10501",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2018-10501",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 2.5,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CNVD-2018-20054",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.0,
"id": "CVE-2018-10501",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-10501",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-10501",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2018-10501",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-20054",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-942",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-561"
},
{
"db": "CNVD",
"id": "CNVD-2018-20054"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011827"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-942"
},
{
"db": "NVD",
"id": "CVE-2018-10501"
}
]
},
"description": {
"_id": null,
"data": "This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of ZIP files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5358. Samsung Notes Contains vulnerabilities related to authorization, permissions, and access control. Zero Day Initiative Is vulnerable to this vulnerability ZDI-CAN-5358 Was numbered.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SamsungNotes is a Notes series of smartphone products from South Korea\u0027s Samsung",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10501"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011827"
},
{
"db": "ZDI",
"id": "ZDI-18-561"
},
{
"db": "CNVD",
"id": "CNVD-2018-20054"
}
],
"trust": 2.79
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-10501",
"trust": 3.7
},
{
"db": "ZDI",
"id": "ZDI-18-561",
"trust": 3.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011827",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-5358",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-20054",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201808-942",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-561"
},
{
"db": "CNVD",
"id": "CNVD-2018-20054"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011827"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-942"
},
{
"db": "NVD",
"id": "CVE-2018-10501"
}
]
},
"id": "VAR-201809-0085",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20054"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20054"
}
]
},
"last_update_date": "2024-11-23T22:48:35.158000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Samsung Notes",
"trust": 0.8,
"url": "https://www.samsung.com/global/galaxy/apps/samsung-notes/"
},
{
"title": "SamsungNotes Path Traversal Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/141287"
},
{
"title": "Samsung Notes Repair measures for path traversal vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=84365"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20054"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011827"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-942"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-22",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011827"
},
{
"db": "NVD",
"id": "CVE-2018-10501"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.4,
"url": "https://zerodayinitiative.com/advisories/zdi-18-561"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10501"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10501"
},
{
"trust": 0.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-18-561/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20054"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011827"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-942"
},
{
"db": "NVD",
"id": "CVE-2018-10501"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "ZDI",
"id": "ZDI-18-561",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2018-20054",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011827",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201808-942",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-10501",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2018-06-07T00:00:00",
"db": "ZDI",
"id": "ZDI-18-561",
"ident": null
},
{
"date": "2018-09-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20054",
"ident": null
},
{
"date": "2019-01-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011827",
"ident": null
},
{
"date": "2018-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-942",
"ident": null
},
{
"date": "2018-09-24T23:29:00.943000",
"db": "NVD",
"id": "CVE-2018-10501",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2018-06-07T00:00:00",
"db": "ZDI",
"id": "ZDI-18-561",
"ident": null
},
{
"date": "2018-09-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-20054",
"ident": null
},
{
"date": "2019-01-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011827",
"ident": null
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-942",
"ident": null
},
{
"date": "2024-11-21T03:41:26.930000",
"db": "NVD",
"id": "CVE-2018-10501",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-942"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Samsung Notes Path Traversal Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-20054"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-942"
}
],
"trust": 1.2
},
"type": {
"_id": null,
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-942"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…