Improper handling of granting permission for Trusted Web Activities in Samsung Internet prior to version 24.0.0.41 allows local attackers to grant permission to their own TWA WebApps without user interaction.
History

Mon, 23 Dec 2024 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Samsung
Samsung internet
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:samsung:internet:*:*:*:*:*:*:*:*
Vendors & Products Samsung
Samsung internet

cve-icon MITRE

Status: PUBLISHED

Assigner: SamsungMobile

Published: 2024-03-05T04:44:46.414Z

Updated: 2024-08-01T22:06:36.497Z

Reserved: 2023-12-05T04:57:52.535Z

Link: CVE-2024-20837

cve-icon Vulnrichment

Updated: 2024-05-23T19:01:14.958Z

cve-icon NVD

Status : Analyzed

Published: 2024-03-05T05:15:11.150

Modified: 2024-12-23T16:29:57.827

Link: CVE-2024-20837

cve-icon Redhat

No data.