Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi password in Maintenance Mode.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Samsung |
|
Configuration 1 [-]
|
No data.
No data.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-34981 | Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi password in Maintenance Mode. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Sat, 12 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Wed, 13 Nov 2024 01:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Samsung
Samsung android |
|
| Weaknesses | NVD-CWE-noinfo | |
| CPEs | cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-apr-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-apr-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-apr-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-aug-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-aug-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-aug-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-dec-2021-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-dec-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-dec-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-feb-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-feb-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-feb-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jan-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jan-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jan-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jul-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jul-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jul-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jun-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jun-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-jun-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-mar-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-mar-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-mar-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-may-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-may-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-may-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-nov-2021-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-nov-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-nov-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-oct-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-oct-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-oct-2024-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-sep-2022-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-sep-2023-r1:*:*:*:*:*:* cpe:2.3:o:samsung:android:14.0:smr-sep-2024-r1:*:*:*:*:*:* |
|
| Vendors & Products |
Samsung
Samsung android |
Wed, 06 Nov 2024 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 06 Nov 2024 02:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi password in Maintenance Mode. | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: SamsungMobile
Published:
Updated: 2024-11-06T11:20:15.831Z
Reserved: 2024-05-07T04:43:27.852Z
Link: CVE-2024-34682
Vulnrichment
Updated: 2024-11-06T11:20:02.530Z
NVD
Status : Analyzed
Published: 2024-11-06T03:15:04.807
Modified: 2024-11-13T00:56:23.533
Link: CVE-2024-34682
Redhat
No data.
OpenCVE Enrichment
No data.