CVE-2024-20816

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Feb 6, 2024

Updated: Feb 14, 2024

CWE ID 287

Summary

CVE-2024-20816 is a newly disclosed cybersecurity vulnerability that affects the Auto Hotspot application. This issue involves improper authentication in the onCharacteristicWriteRequest function, which is present before the SMR Feb-2024 Release 1. An attacker in close proximity can exploit this vulnerability to connect to a victim's mobile hotspot without their awareness. This potentially exposes the victim's network to unauthorized access and potential data breaches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Samsung Android

Affected Vendors

Samsung

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uak9Xk
https://www.cve.org/CVERecord?id=CVE-2024-20816
https://nvd.nist.gov/vuln/detail/CVE-2024-20816

Back to Vulnerability Database