CVE-2024-34672

5.5 MEDIUM

📋 TL;DR

Improper access control in SamsungVideoPlayer lets a local attacker (an app or a secondary user account on the same device) bypass Android's per-user storage separation and read video files belonging to other users of that device. It affects Samsung devices running Android 12, 13, and 14 with an unpatched version of the video player app. Exploitation requires local access; there is no remote path.

💻 Affected Systems

Products:
  • SamsungVideoPlayer
Versions: Versions prior to 7.3.29.1 in Android 12, prior to 7.3.36.1 in Android 13, and prior to 7.3.41.230 in Android 14
Operating Systems: Android 12, Android 13, Android 14
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Samsung devices with the vulnerable SamsungVideoPlayer app versions. Requires local access to exploit.

📦 What is this software?

SamsungVideoPlayer (package com.sec.android.app.videoplayer) is the video playback app preinstalled on Samsung Galaxy devices. It reads local video files from each user's storage area, which is why a flaw in its access checks exposes other users' media.

⚠️ Risk & Real-World Impact

🔴

Worst Case

A malicious app, or a person with access to a secondary or guest profile, reads private video files from other user profiles on the device, exposing personal or confidential recordings.

🟠

Likely Case

On shared or multi-user devices (family, kiosk, work-profile setups), an app or user in one profile views videos stored under another profile. Single-user devices have nothing cross-user to expose, so the realistic impact is confined to multi-user deployments.

🟢

If Mitigated

Once the app is updated to a fixed version (or disabled for every user), Android's per-user storage separation holds again and the player cannot reach other profiles' files. Confidentiality is the only property affected; integrity and availability are not.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring physical or local access to the device.
🏢 Internal Only: MEDIUM - On shared or multi-user devices, this could allow unauthorized access to other users' video files.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access (code running on the device, or a login to a profile on it). The public description characterises the flaw only as improper access control in the app and does not specify the bypass path; no public proof of concept is known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 7.3.29.1 for Android 12, 7.3.36.1 for Android 13, 7.3.41.230 for Android 14

Vendor Advisory: https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=10

Restart Required: Yes

Instructions:

1. Open the Settings app.
2. Navigate to Software Update.
3. Check for and install available updates.
4. Also check Galaxy Store for a pending update to the Video Player app, since the app version can move independently of the firmware build.
5. Restart the device after the update completes.
6. Confirm the installed app version meets the threshold for the device's Android release (see How to Verify).

🔧 Temporary Workarounds

Disable SamsungVideoPlayer

Disable the vulnerable video player app to prevent exploitation:

adb shell pm disable-user --user 0 com.sec.android.app.videoplayer

This command disables the app for user 0 only. Because the flaw is a cross-user read, the app must be disabled for every user profile on the device (list them with adb shell pm list users and repeat the command with each id), otherwise a secondary profile can still run the vulnerable player.

Use alternative video player

Install and use a different video player application until the fix is installed.
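The per-user caveat above is easy to get wrong by hand, so here is an added script (not from the vendor advisory) that parses the output of adb shell pm list users and disables the package for every user id it finds. It assumes adb is on PATH and the device has USB debugging enabled; the sample listing embedded in it is constructed for an offline check of the parser.

```shell
#!/bin/sh
# Added example: disable SamsungVideoPlayer for every Android user profile,
# not just user 0, because the vulnerability is a cross-user read.
# Assumes adb on PATH and a device with USB debugging enabled.

PKG=com.sec.android.app.videoplayer

# Extract user ids from `pm list users` output, whose lines look like
#   UserInfo{0:Owner:c13} running
#   UserInfo{10:Work profile:1030} running
# Prints one numeric id per line; the "Users:" header is ignored.
user_ids_from_listing() {
  sed -n 's/^[[:space:]]*UserInfo{\([0-9][0-9]*\):.*/\1/p'
}

# Render the commands that would be run for the given ids, one per line,
# so the plan can be reviewed (or checked offline) before touching a device.
disable_commands() {
  for id in "$@"; do
    printf 'adb shell pm disable-user --user %s %s\n' "$id" "$PKG"
  done
}

# Live path: enumerate users on the connected device and disable the app
# for each of them. Carriage returns from adb are stripped before parsing.
disable_for_all_users() {
  ids=$(adb shell pm list users | tr -d '\r' | user_ids_from_listing)
  [ -n "$ids" ] || { echo "no users parsed from pm list users" >&2; return 1; }
  for id in $ids; do
    adb shell pm disable-user --user "$id" "$PKG"
  done
}

# Constructed sample output (not captured from a real device) for an
# offline check of user_ids_from_listing.
SAMPLE_LISTING='Users:
	UserInfo{0:Owner:c13} running
	UserInfo{10:Work profile:1030} running
	UserInfo{11:Guest:404}'

if [ "${1:-}" = "--live" ]; then
  disable_for_all_users
else
  # Dry run: show which user ids the parser would act on for the sample.
  printf '%s\n' "$SAMPLE_LISTING" | user_ids_from_listing
fi
```

Run it with --live against a connected device to apply the workaround; without arguments it only exercises the parser on the sample listing. Re-enable later with pm enable --user <id> for each id once the fixed version is installed.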

🧯 If You Can't Patch

  • Restrict physical access to devices and implement strong device authentication
  • Avoid using multi-user profiles on shared devices until patched

🔍 How to Verify

Check if Vulnerable:

Check the SamsungVideoPlayer version in Settings > Apps > Video Player > App info (the app appears as Video Player in the app list), and note the device's Android release under Settings > About phone > Software information, because the fixed version differs per release.

Check Version:

adb shell dumpsys package com.sec.android.app.videoplayer | grep versionName

Verify Fix Applied:

Compare the installed versionName against the threshold for the device's Android release: 7.3.29.1 or higher on Android 12, 7.3.36.1 or higher on Android 13, or 7.3.41.230 or higher on Android 14. Compare component by component as numbers, not as strings (7.3.41.230 is newer than 7.3.41.9).
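To make that comparison reliable across a fleet, here is an added script (not part of the advisory) that reads the Android release and the installed versionName over adb and reports fixed, vulnerable, or unknown. The thresholds are the ones listed above; the version comparison is numeric per component so that 7.3.41.230 sorts after 7.3.41.9. The adb calls assume a connected device with USB debugging enabled, and the assess function can be exercised offline.

```shell
#!/bin/sh
# Added example: decide whether the installed SamsungVideoPlayer build is at
# or above the fixed version for the device's Android release.
# Assumes adb on PATH and a device with USB debugging enabled for the live path.

PKG=com.sec.android.app.videoplayer

# version_ge A B: succeeds when dotted version A >= B, comparing each
# component numerically (missing trailing components count as 0).
version_ge() {
  a="$1"; b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    x="${a%%.*}"; y="${b%%.*}"
    if [ "$a" = "$x" ]; then a=""; else a="${a#*.}"; fi
    if [ "$b" = "$y" ]; then b=""; else b="${b#*.}"; fi
    x="${x:-0}"; y="${y:-0}"
    if [ "$x" -gt "$y" ]; then return 0; fi
    if [ "$x" -lt "$y" ]; then return 1; fi
  done
  return 0
}

# Minimum fixed app version for each Android release named in the advisory.
# Other releases are not covered by the advisory and are reported as unknown.
fixed_version_for() {
  case "$1" in
    12) echo 7.3.29.1 ;;
    13) echo 7.3.36.1 ;;
    14) echo 7.3.41.230 ;;
    *)  echo "" ;;
  esac
}

# assess ANDROID_RELEASE APP_VERSION -> prints fixed | vulnerable | unknown
assess() {
  fixed=$(fixed_version_for "$1")
  if [ -z "$fixed" ]; then echo unknown; return 0; fi
  if version_ge "$2" "$fixed"; then echo fixed; else echo vulnerable; fi
}

# Live check. adb output carries CR/LF and the versionName line is indented,
# so strip both before parsing; take the first match in case dumpsys lists
# more than one package record.
check_device() {
  android=$(adb shell getprop ro.build.version.release | tr -d '\r')
  app=$(adb shell dumpsys package "$PKG" | tr -d '\r' \
        | sed -n 's/^[[:space:]]*versionName=//p' | head -n 1)
  if [ -z "$app" ]; then
    echo "$PKG not found (uninstalled, or not a Samsung device)"; return 2
  fi
  printf 'Android %s, %s %s: %s\n' "$android" "$PKG" "$app" "$(assess "$android" "$app")"
}

if [ "${1:-}" = "--live" ]; then
  check_device
fi
```

Run with --live for a connected device; the script exits 2 when the package is absent so a fleet loop can distinguish "not installed" from "fixed". Feed assess two values by hand to check a version you read from Settings.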

📡 Detection & Monitoring

Log Indicators:

  • The video player process (com.sec.android.app.videoplayer) opening paths under /storage/emulated/<userId>/ for a userId other than the profile it is running in
  • Any file access by the player outside its own user's storage area

Stock Android does not log per-file access, so these indicators are only observable with an MDM or endpoint agent that collects file-access telemetry, or with SELinux audit logging enabled on the device.

Network Indicators:

  • None; this is a local-only vulnerability and exploitation generates no network traffic of its own

SIEM Query:

The following is pseudo-syntax to adapt to the field names of whatever file-access telemetry is available:

process_name:"com.sec.android.app.videoplayer" AND file_path:"/storage/emulated/*" AND NOT file_path:"/storage/emulated/<current_user_id>/*"
