CVE-2018-10502 – This vulnerability allows local attackers to escalate privileges on vulnerable installatio …

0

Vuln ID: CVE-2018-10502

Published:  2018-09-24  23:29:01Z

Description: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 4.2.18.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of a staging mode. The issue lies in the ability to change the configuration based on the presence of a file in an user-controlled location. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5359.

Source: NVD.NIST.GOV