{"dataType":"CVE_RECORD","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2024-36071","assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","dateUpdated":"2024-08-02T03:30:13.006Z","dateReserved":"2024-05-19T00:00:00.000Z","datePublished":"2024-06-20T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre","dateUpdated":"2024-06-20T20:47:15.997Z"},"descriptions":[{"lang":"en","value":"Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the directory and DLL files used during the installation process. This occurs because of an Untrusted Search Path."}],"affected":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}],"references":[{"url":"https://semiconductor.samsung.com/support/quality-support/product-security-updates/"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AC:H/AV:L/A:H/C:H/I:H/PR:H/S:U/UI:R","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":6.3,"baseSeverity":"MEDIUM"}}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"n/a"}]}]},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-426","lang":"en","description":"CWE-426 Untrusted Search Path"}]}],"affected":[{"vendor":"samsung","product":"magician","cpes":["cpe:2.3:a:samsung:magician:8.0.0:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"8.0.0","status":"affected"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-06-24T15:28:57.237683Z","id":"CVE-2024-36071","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-24T15:31:38.045Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T03:30:13.006Z"},"title":"CVE Program Container","references":[{"url":"https://semiconductor.samsung.com/support/quality-support/product-security-updates/","tags":["x_transferred"]}]}]},"dataVersion":"5.1"}