Sign-up

ID

VAR-202412-0239


CVE

CVE-2024-49416


TITLE

Samsung's  SmartThings  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2024-026264

DESCRIPTION

Use of implicit intent for sensitive communication in SmartThings prior to version 1.8.21 allows local attackers to get sensitive information. Samsung's SmartThings Exists in unspecified vulnerabilities.Information may be obtained

Trust: 1.62

sources: NVD: CVE-2024-49416 // JVNDB: JVNDB-2024-026264

AFFECTED PRODUCTS

vendor:samsungmodel:smartthingsscope:ltversion:1.8.21

Trust: 1.0

vendor:サムスンmodel:smartthingsscope:eqversion:1.8.21

Trust: 0.8

vendor:サムスンmodel:smartthingsscope: - version: -

Trust: 0.8

vendor:サムスンmodel:smartthingsscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2024-026264 // NVD: CVE-2024-49416

CVSS

SEVERITY

CVSSV2

CVSSV3

mobile.security@samsung.com: CVE-2024-49416
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2024-49416
value: MEDIUM

Trust: 1.0

NVD: CVE-2024-49416
value: MEDIUM

Trust: 0.8

mobile.security@samsung.com: CVE-2024-49416
baseSeverity: MEDIUM
baseScore: 4.0
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.5
impactScore: 1.4
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2024-49416
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2024-49416
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2024-026264 // NVD: CVE-2024-49416 // NVD: CVE-2024-49416

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-026264 // NVD: CVE-2024-49416

EXTERNAL IDS

db:NVDid:CVE-2024-49416

Trust: 2.6

db:JVNDBid:JVNDB-2024-026264

Trust: 0.8

sources: JVNDB: JVNDB-2024-026264 // NVD: CVE-2024-49416

REFERENCES

url:https://security.samsungmobile.com/serviceweb.smsb?year=2024&month=12

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2024-49416

Trust: 0.8

sources: JVNDB: JVNDB-2024-026264 // NVD: CVE-2024-49416

SOURCES

db:JVNDBid:JVNDB-2024-026264
db:NVDid:CVE-2024-49416

LAST UPDATE DATE

2025-07-20T23:19:58.249000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2024-026264date:2025-07-18T01:57:00
db:NVDid:CVE-2024-49416date:2025-07-17T17:21:52.323

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2024-026264date:2025-07-18T00:00:00
db:NVDid:CVE-2024-49416date:2024-12-03T06:15:09.697