CVE-2024-20821

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published May 7, 2024

Summary

CVE-2024-20821 is a newly identified vulnerability that allows local attackers to manipulate One-Time Passwords (OTPs) and transition to Return Merchandise Authorization (RMA) mode on a targeted system. This mode disables security features, increasing the risk of unauthorized access. However, to exploit this vulnerability, an attacker must have the required privileges to control the Trusted Execution Environment (TEE). This weakness could result in significant security consequences if left unaddressed.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Exynos Processor

Affected Vendors

Samsung

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/vzexGY
https://www.cve.org/CVERecord?id=CVE-2024-20821
https://nvd.nist.gov/vuln/detail/CVE-2024-20821

Back to Vulnerability Database