A vulnerability, which was classified as problematic, was found in Samsung Email. This affects an unknown functionality of the component EML File Handler. The manipulation with an unknown input leads to a access control vulnerability. CWE is classifying the issue as CWE-264. This is going to have an impact on confidentiality, integrity, and availability. The summary by CVE is:

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of EML files. The issue results from the lack of proper validation of user-supplied data, which can allow arbitrary JavaScript to execute. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5328.

The bug was discovered 06/07/2018. The weakness was shared 09/24/2018 (Website). It is possible to read the advisory at zerodayinitiative.com. This vulnerability is uniquely identified as CVE-2018-10497 since 04/27/2018. Attacking locally is a requirement. The successful exploitation needs a authentication. The technical details are unknown and an exploit is not publicly available. The attack technique deployed by this issue is T1068 according to MITRE ATT&CK.

The vulnerability was handled as a non-public zero-day exploit for at least 109 days. During that time the estimated underground price was around $0-$5k.

Upgrading to version 5.0.02.16 eliminates this vulnerability.

The entry 124420 is related to this item.

Productinfo

Vendor

• Samsung

Name

• Email

License

• commercial

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion