CVE-2024-49416

4.0 MEDIUM

📋 TL;DR

This vulnerability in Samsung SmartThings allows local attackers to access sensitive information through improper use of implicit intents. It affects the SmartThings Android app in versions prior to 1.8.21. The attacker must have physical access to the device or the ability to run a local app on it.

💻 Affected Systems

Products:
  • Samsung SmartThings
Versions: prior to 1.8.21
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Android SmartThings app. Requires local access to device or ability to run malicious app on same device.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local attacker extracts sensitive SmartThings configuration data, device credentials, or user information that could enable further attacks on smart home devices.

🟠

Likely Case

Local malicious app or user with device access reads SmartThings app data including device names, locations, or limited configuration details.

🟢

If Mitigated

With proper Android app sandboxing and permissions, impact is limited to data the SmartThings app stores locally.

🌐 Internet-Facing: LOW - Requires local access to device, not remotely exploitable.
🏢 Internal Only: MEDIUM - Local attackers on shared devices or with physical access could exploit this.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires local access to device. Likely exploited through malicious app or direct device access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.8.21 or later

Vendor Advisory: https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=12

Restart Required: No

Instructions:

1. Open Google Play Store
2. Search for SmartThings
3. Update to version 1.8.21 or higher
4. No restart required

🔧 Temporary Workarounds

Disable SmartThings app (android)

Temporarily disable the SmartThings app if not in use:

Settings > Apps > SmartThings > Disable

Restrict app permissions (android)

Review and restrict SmartThings app permissions:

Settings > Apps > SmartThings > Permissions

🧯 If You Can't Patch

  • Restrict physical access to devices with SmartThings installed
  • Use Android work profile or containerization to isolate SmartThings app

🔍 How to Verify

Check if Vulnerable:

Check SmartThings app version in Settings > Apps > SmartThings

Check Version:

adb shell dumpsys package com.samsung.android.oneconnect | grep versionName

Verify Fix Applied:

Confirm SmartThings version is 1.8.21 or higher
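As an added example (not part of the advisory), the script below turns the version check above into a repeatable test: it parses the versionName line from `adb shell dumpsys package com.samsung.android.oneconnect` output and compares it numerically against 1.8.21. A plain string comparison gets this wrong once a component reaches two digits (1.10.0 sorts before 1.8.21 as text). The package name is the one from the advisory; the sample dumpsys lines embedded at the bottom are constructed, not real device output, so the check can be exercised offline.

```shell
#!/bin/sh
# Added example: verify the installed SmartThings version against the fixed
# version from the advisory. Not the vendor's tooling.

FIXED_VERSION="1.8.21"

# Extract the first versionName value from dumpsys output read on stdin.
extract_version_name() {
    sed -n 's/^[[:space:]]*versionName=\([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Compare two dotted versions component by component as integers.
# Prints "lt", "eq" or "gt"; missing components count as 0 (1.8 == 1.8.0).
compare_versions() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, pa, "."); nb = split(b, pb, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            x = (i <= na) ? pa[i] + 0 : 0
            y = (i <= nb) ? pb[i] + 0 : 0
            if (x < y) { print "lt"; exit }
            if (x > y) { print "gt"; exit }
        }
        print "eq"
    }'
}

# Reads dumpsys output on stdin. Returns 0 if the installed version is at or
# above FIXED_VERSION, 1 if it is older, 2 if the package was not found.
# Usage: adb shell dumpsys package com.samsung.android.oneconnect | is_patched
is_patched() {
    v=$(extract_version_name)
    if [ -z "$v" ]; then
        echo "com.samsung.android.oneconnect not found in dumpsys output" >&2
        return 2
    fi
    case "$(compare_versions "$v" "$FIXED_VERSION")" in
        lt) echo "VULNERABLE: installed $v is older than $FIXED_VERSION"; return 1 ;;
        *)  echo "OK: installed $v is $FIXED_VERSION or newer"; return 0 ;;
    esac
}

# Constructed sample of the relevant dumpsys lines (not captured from a real
# device), in the same layout dumpsys package uses for a package entry.
SAMPLE_DUMPSYS='Packages:
  Package [com.samsung.android.oneconnect] (1a2b3c4):
    versionCode=100000000 minSdk=28 targetSdk=34
    versionName=1.8.20'

# Run the check against the constructed sample instead of a live device.
check_sample() {
    printf '%s\n' "$SAMPLE_DUMPSYS" | is_patched
}
```

On a real device, pipe the adb command into `is_patched` and branch on its exit status; the function prints the reason, so the output can be collected from a fleet of devices and fed into whatever inventory process tracks this advisory.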

📡 Detection & Monitoring

Log Indicators:

  • Android logs showing intent broadcasts from SmartThings to unexpected receivers

Network Indicators:

  • No network indicators - local exploit only

SIEM Query:

No applicable network SIEM query - monitor for suspicious local app interactions

🔗 References
