본문내용 바로가기 메인메뉴 바로가기 푸터 바로가기

Security Advisory

CVE-2020-7811 | Samsung Update Local Privilege Escalation Vulnerability2020.10.08
□ Overview
 o Samsung Electronics released security update to address local privilege escalation vulnerability in Samsung Update.
Vulerability Type Impact Severity CVSS CVE ID
Deserialization Privilege Escalation Medium 6.2 CVE-2020-7811
 
□ Description
 o Samsung Update has a vulnerability that allows privilege escalation as commands crafted by attacker are executed while the engine deserializes the data received during inter-process communication. (CVE-2020-7811)

□ Affected Product
Product Version PlatForm
Samsung Update 3.0.2.0 ~ 3.0.32.0 Window OS
 
□ Solution
 o Update software version 3.0.36.0 and over

□ Acknowledgement
 o Thanks to Yong Hwi Jin for reporting this vulnerability.
 



□ 작성 : 침해사고분석단 취약점분석팀