CVE-2024-20840

low

Description

Improper access control in Samsung Voice Recorder prior to versions 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14 allows physical attackers using hardware keyboard to use VoiceRecorder on the lock screen.

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=03

Details

Source: Mitre, NVD

Published: 2024-03-05

Updated: 2025-02-14

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P

Severity: Low

CVSS v3

Base Score: 2.4

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Severity: Low

EPSS

EPSS: 0.00115

Detections

Analytics