Improper handling of granting permission for Trusted Web Activities in Samsung Internet prior to version 24.0.0.41 allows local attackers to grant permission to their own TWA WebApps without user interaction.
Metrics
Affected Vendors & Products
References
History
Mon, 23 Dec 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Samsung
Samsung internet |
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:a:samsung:internet:*:*:*:*:*:*:*:* | |
Vendors & Products |
Samsung
Samsung internet |
MITRE
Status: PUBLISHED
Assigner: SamsungMobile
Published: 2024-03-05T04:44:46.414Z
Updated: 2024-08-01T22:06:36.497Z
Reserved: 2023-12-05T04:57:52.535Z
Link: CVE-2024-20837
Vulnrichment
Updated: 2024-05-23T19:01:14.958Z
NVD
Status : Analyzed
Published: 2024-03-05T05:15:11.150
Modified: 2024-12-23T16:29:57.827
Link: CVE-2024-20837
Redhat
No data.