Samsung Galaxy S24 Vulnerability Let Create Arbitrary Files on Affected Installations

Security researcher Ken Gannon of NCC Group (@yogehi) discovered the directory traversal vulnerability in Samsung’s Quick Share feature, which allows users to easily share files between devices. Security experts recommend keeping automatic updates enabled and exercising caution when using Quick Share with unknown devices or on public networks. According to the Zero Day Initiative advisory, the vulnerability provides attackers with network access to create arbitrary files on affected installations of Samsung Galaxy S24. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The directory traversal vulnerability could allow malicious actors to create files in arbitrary locations with the permissions of the current user. Galaxy S24 users should verify they have the latest security updates installed by checking Settings > Software Update > Download and Install. An attacker can leverage this vulnerability to create files in the context of the current user”, reads the advisory. The April 2025 security patch fixed over 60 issues, including 4 critical vulnerabilities.

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 15 Apr 2025 06:50:13 +0000

Cyber News related to Samsung Galaxy S24 Vulnerability Let Create Arbitrary Files on Affected Installations

Samsung Galaxy S24 Vulnerability Let Create Arbitrary Files on Affected Installations - Security researcher Ken Gannon of NCC Group (@yogehi) discovered the directory traversal vulnerability in Samsung’s Quick Share feature, which allows users to easily share files between devices. Security experts recommend keeping automatic ...
1 week ago Cybersecuritynews.com

Protecting Your Device from Unwanted App Installations: An Overview of Samsung Galaxy Store Flaws - As more and more devices become connected to the internet, it's important to be aware of the security measures we should take to protect our data and digital identities. Smartphones and other mobile devices can be particularly vulnerable targets, due ...
2 years ago Securityweek.com

CVE-2023-38297 - An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of ...
1 year ago

Samsung Galaxy S23 hacked two more times at Pwn2Own Toronto - Security researchers hacked the Samsung Galaxy S23 smartphone two more times on the second day of the Pwn2Own 2023 hacking competition in Toronto, Canada. The contestants also demoed zero-day bugs in printers, routers, smart speakers, surveillance ...
1 year ago Bleepingcomputer.com

Samsung Galaxy Store App Found Vulnerable to Hackers - Security researchers have found that the Samsung Galaxy Store app is vulnerable to hackers, putting millions of users at risk of data theft and cyber attacks. According to researchers from the Security Research Center at Michigan University, the app ...
2 years ago Thehackernews.com

Samsung Galaxy App Store Vulnerabilities: Exploits Released and What These Mean For Users - Exploits have recently been released for two Samsung Galaxy App Store vulnerabilities, representing a major security risk for users of the smartphone. The first vulnerability is in the Galaxy App Store where malicious app developers can bypass ...
2 years ago Bleepingcomputer.com

Samsung hit by new data breach impacting UK store customers - Samsung Electronics is notifying some of its customers of a data breach that exposed their personal information to an unauthorized individual. The company says that the cyberattack impacted only customers who made purchases from the Samsung UK online ...
1 year ago Bleepingcomputer.com LAPSUS$

750m Indian mobile subscribers' info for sale on dark web The Register - Asia In Brief Indian infosec firm CloudSEK last week claimed it found records describing 750 million Indian mobile network subscribers on the dark web, with two crime gangs offering the trove of data for just $3,000. CloudSEK named CYBO CREW ...
1 year ago Go.theregister.com

Samsung Galaxy S23 hacked twice on first day of Pwn2Own Toronto - Security researchers hacked the Samsung Galaxy S23 twice during the first day of the consumer-focused Pwn2Own 2023 hacking contest in Toronto, Canada. They also demoed exploits and vulnerability chains targeting zero-days in Xiaomi's 13 Pro ...
1 year ago Bleepingcomputer.com

Hackers earn over $1 million for 58 zero-days at Pwn2Own Toronto - The Pwn2Own Toronto 2023 hacking competition has ended with security researchers earning $1,038,500 for 58 zero-day exploits targeting consumer products between October 24 and October 27. During the Pwn2Own Toronto 2023 hacking event organized by ...
1 year ago Bleepingcomputer.com

Security Flaws Found in Samsung's Galaxy Store for Android - Recent developments in the tech industry have jolted the world – smartphones, more so. In addition to boosting user convenience, these mini-computers have also made life easier for predators looking to exploit security loopholes. Therefore, it is ...
2 years ago Heimdalsecurity.com

Samsung Galaxy Store Flaws Put Millions of Devices Vulnerable - Researchers have discovered severe security flaws in the Samsung Galaxy Store application. These vulnerabilities put millions of users, including those who use Samsung phones, tablets, smart TVs, and wearables, at risk of cyberattacks. The security ...
2 years ago Securityaffairs.com

Samsung Galaxy gets new Auto Blocker anti-malware feature - Samsung has unveiled a new security feature called 'Auto Blocker' as part of the One UI 6 update, offering enhanced malware protection on Galaxy devices. Auto Blocker is an opt-in security feature that prevents the side-loading of risky apps ...
1 year ago Bleepingcomputer.com Rocke

Epic Sues Google, Samsung Over App Store Barriers | Silicon UK - In its new case Epic claims that a month before the Epic Games Store launch in August, Samsung decided to enable Auto Blocker by default, making it more difficult for buyers of new phones to install competing app stores. Epic Games has filed a second ...
6 months ago Silicon.co.uk

CVE-2022-23470 - Galaxy is an open-source platform for data analysis. An arbitrary file read exists in Galaxy 22.01 and Galaxy 22.05 due to the switch to Gunicorn, which can be used to read any file accessible to the operating system user under which Galaxy is ...
2 years ago

Cisco Secure Access Extends SSE With Mobile Zero Trust - Earlier this year, we introduced Cisco Secure Access, a security service edge solution that combines a secure web gateway, cloud access security broker, firewall-as-a-service, zero trust access and more, to help organizations address this challenge ...
1 year ago Feedpress.me

CVE-2023-27578 - Galaxy is an open-source platform for data analysis. All supported versions of Galaxy are affected prior to 22.01, 22.05, and 23.0 are affected by an insufficient permission check. Unsupported versions are likely affected as far back as the ...
2 years ago

CVE-2019-16400 - Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: ...
4 years ago

CVE-2019-16401 - Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: ...
4 years ago

CVE-2020-35693 - On some Samsung phones and tablets running Android through 7.1.1, it is possible for an attacker-controlled Bluetooth Low Energy (BLE) device to pair silently with a vulnerable target device, without any user interaction, when the target device's ...
4 years ago

CVE-2016-4032 - Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices do not ...
7 years ago

CVE-2016-4030 - Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices have ...
7 years ago

CVE-2016-4031 - Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices allow ...
7 years ago

CVE-2018-21073 - An issue was discovered on Samsung mobile devices with N(7.x) and O(8.0) (Galaxy S9+, Galaxy S9, Galaxy S8+, Galaxy S8, Note 8). There is access to Clipboard content in the locked state via the Edge panel. The Samsung ID is SVE-2017-10748 (May 2018). ...
5 years ago

Researchers Exploited GOG Galaxy XPC Service in macOS - A critical privilege escalation vulnerability has been discovered to affect macOS devices, particularly the GOG Galaxy software-installed machines. The CVE for this vulnerability has been assigned as CVE-2023-40713, and the severity rating has been ...
1 year ago Cybersecuritynews.com CVE-2023-40713

Samsung Galaxy S24 Vulnerability Let Create Arbitrary Files on Affected Installations

Cyber News related to Samsung Galaxy S24 Vulnerability Let Create Arbitrary Files on Affected Installations

Latest Cyber News

Cyber Trends (last 7 days)

Trending Cyber News (last 7 days)