← Back to CVEs
CVE-2024-36071
MEDIUM6.3
Description
Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the directory and DLL files used during the installation process. This occurs because of an Untrusted Search Path.
CVE Details
CVSS v3.1 Score6.3
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Attack VectorLOCAL
ComplexityHIGH
Privileges RequiredHIGH
User InteractionREQUIRED
Published6/20/2024
Last Modified6/3/2025
Sourcenvd
Honeypot Sightings0
Affected Products
microsoft:windowssamsung:magician
Weaknesses (CWE)
CWE-426
References
https://semiconductor.samsung.com/support/quality-support/product-security-updates/(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.