Samsung MagicINFO 9 Server Vulnerability Let Attackers Write Arbitrary File

This vulnerability stems from insufficient validation of file paths during write operations. A remote attacker can bypass directory restrictions and upload files outside the intended path, planting malicious code anywhere on the file system, even in sensitive system directories, with SYSTEM user privileges. The flaw allows unauthenticated attackers to write arbitrary files with system-level privileges, potentially leading to complete system compromise.

Arctic Wolf researchers observed active exploitation attempts against MagicINFO servers almost immediately after proof-of-concept code became available, suggesting malicious actors are closely monitoring vulnerabilities in these systems. Security firm Huntress reported earlier this month that, despite Samsung’s claims of patching CVE-2024-7399 in version 21.1050, its tests confirmed that the version remained vulnerable to exploitation.

Security professionals recommend that organizations not only apply the patch but also verify their Auto-Update settings and audit their systems for any signs of compromise. Organizations unable to update immediately should consider isolating MagicINFO systems from public networks until patches can be applied.

Kaaviya is a Security Editor and fellow reporter with Cyber Security News.

This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 14 May 2025 14:20:23 +0000


Cyber News related to Samsung MagicINFO 9 Server Vulnerability Let Attackers Write Arbitrary File

Samsung MagicINFO Vulnerability Allows Remote Code Execution Without Valid User - A critical security vulnerability has been discovered in Samsung’s MagicINFO digital signage management platform that could allow attackers to execute arbitrary code with system-level privileges without requiring authentication. Security ...
1 month ago Cybersecuritynews.com CVE-2024-7399
Samsung MagicINFO 9 Server RCE flaw now exploited in attacks - Given the active exploitation status of the flaw, it is recommended that system administrators take immediate action to patch CVE-2024-7399 by upgrading the Samsung MagicINFO Server to version 21.1050 or later. Hackers are exploiting an ...
3 weeks ago Bleepingcomputer.com CVE-2024-7399
Samsung MagicINFO 9 Server Vulnerability Exploited in the Wild - However, the situation changed dramatically when a research article with technical details and a proof-of-concept exploit was published on April 30, 2025 and within days, Arctic Wolf began observing active exploitation attempts in the wild. As threat ...
3 weeks ago Cybersecuritynews.com CVE-2024-7399
Samsung MagicINFO 9 Server Vulnerability Let Attackers Write Arbitrary File - This vulnerability stems from insufficient validation of file paths during write operations, allowing remote attackers to bypass directory restrictions and place malicious files anywhere on the system with SYSTEM user privileges. This allows a remote ...
2 weeks ago Cybersecuritynews.com CVE-2024-7399
CVE-2024-55642 - In the Linux kernel, the following vulnerability has been resolved: block: Prevent potential deadlocks in zone write plug error recovery Zone write plugging for handling writes to zones of a zoned block device always execute a zone report whenever a ...
4 months ago Tenable.com
Samsung hit by new data breach impacting UK store customers - Samsung Electronics is notifying some of its customers of a data breach that exposed their personal information to an unauthorized individual. The company says that the cyberattack impacted only customers who made purchases from the Samsung UK online ...
1 year ago Bleepingcomputer.com LAPSUS$
Epic Sues Google, Samsung Over App Store Barriers | Silicon UK - In its new case Epic claims that a month before the Epic Games Store launch in August, Samsung decided to enable Auto Blocker by default, making it more difficult for buyers of new phones to install competing app stores. Epic Games has filed a second ...
8 months ago Silicon.co.uk
CVE-2023-38297 - An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of ...
1 year ago
Samsung Galaxy Store Flaws Put Millions of Devices Vulnerable - Researchers have discovered severe security flaws in the Samsung Galaxy Store application. These vulnerabilities put millions of users, including those who use Samsung phones, tablets, smart TVs, and wearables, at risk of cyberattacks. The security ...
2 years ago Securityaffairs.com
Samsung Galaxy Store App Found Vulnerable to Hackers - Security researchers have found that the Samsung Galaxy Store app is vulnerable to hackers, putting millions of users at risk of data theft and cyber attacks. According to researchers from the Security Research Center at Michigan University, the app ...
2 years ago Thehackernews.com
Samsung One UI Security Flaw Exposes Users Data in Plain Text With No Expiration! - Security researchers have identified that Samsung devices running Android 9 or later store all clipboard content—including passwords, banking details, and personal messages in plain text indefinitely with no automatic deletion mechanism. Even when ...
1 month ago Cybersecuritynews.com
How Russian Hackers Attack Samsung Devices – A Comprehensive Guide - Samsung devices have become all the rage around the globe. Unfortunately, their popularity also attracts the attention of hackers and other cybercriminals who take advantage of them to spread their malicious codes and conduct their illegal ...
2 years ago Heimdalsecurity.com
Samsung Galaxy S23 hacked two more times at Pwn2Own Toronto - Security researchers hacked the Samsung Galaxy S23 smartphone two more times on the second day of the Pwn2Own 2023 hacking competition in Toronto, Canada. The contestants also demoed zero-day bugs in printers, routers, smart speakers, surveillance ...
1 year ago Bleepingcomputer.com
CVE-2024-7399 - Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority. ...
9 months ago CVE-2024-7399
CVE-2025-4632 - Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority. ...
2 weeks ago
CVE-2017-5217 - Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. The zero-permission app will create an active install ...
8 years ago
Samsung Galaxy App Store Vulnerabilities: Exploits Released and What These Mean For Users - Exploits have recently been released for two Samsung Galaxy App Store vulnerabilities, representing a major security risk for users of the smartphone. The first vulnerability is in the Galaxy App Store where malicious app developers can bypass ...
2 years ago Bleepingcomputer.com
CVE-2019-16400 - Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: ...
4 years ago
Samsung Galaxy S23 hacked twice on first day of Pwn2Own Toronto - Security researchers hacked the Samsung Galaxy S23 twice during the first day of the consumer-focused Pwn2Own 2023 hacking contest in Toronto, Canada. They also demoed exploits and vulnerability chains targeting zero-days in Xiaomi's 13 Pro ...
1 year ago Bleepingcomputer.com
Protecting Your Device from Unwanted App Installations: An Overview of Samsung Galaxy Store Flaws - As more and more devices become connected to the internet, it's important to be aware of the security measures we should take to protect our data and digital identities. Smartphones and other mobile devices can be particularly vulnerable targets, due ...
2 years ago Securityweek.com
D-Link D-View 8 Unauthenticated Probe-Core Server Communication - A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to manipulate the probe inventory of the D-View service. An unauthenticated remote attacker can register a host of his/her choice as a Probe server by sending ...
1 year ago Tenable.com
CVE-2019-16401 - Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: ...
4 years ago
Samsung Galaxy gets new Auto Blocker anti-malware feature - Samsung has unveiled a new security feature called 'Auto Blocker' as part of the One UI 6 update, offering enhanced malware protection on Galaxy devices. Auto Blocker is an opt-in security feature that prevents the side-loading of risky apps ...
1 year ago Bleepingcomputer.com Rocke
Hackers earn over $1 million for 58 zero-days at Pwn2Own Toronto - The Pwn2Own Toronto 2023 hacking competition has ended with security researchers earning $1,038,500 for 58 zero-day exploits targeting consumer products between October 24 and October 27. During the Pwn2Own Toronto 2023 hacking event organized by ...
1 year ago Bleepingcomputer.com
Samsung 'Sees Fourth-Quarter Chip Rebound' - Analysts expect Samsung to show lowest profit drop in six quarters in latest sign of semiconductor market recovery. Samsung Electronics is expected to report a smaller drop in profits than has become usual over the past year and a half, in the latest ...
1 year ago Silicon.co.uk