Skip to content

CVE-2024-31952

Exploiting symbolic linking in the files used during the installation process allows an attacker to escalate privileges through arbitrary file permission writes. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.)

May 07, 2024

This table summarizes key information about the CVE-2024-31952, including its identifier, title, affected products, versions, severity, reporting date, patched versions, and acknowledgement status.
Category Content
CVE ID CVE-2024-31952
Description Exploiting symbolic linking in the files used during the installation process allows an attacker to escalate privileges through arbitrary file permission writes. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.)
Affected Product Samsung Magician Software for Mac OS
Affected Version 8.0.0
Severity Medium (6.7)
Reported Date 2024.01.08
Patched Version 8.1.0
Acknowledgment pwn2car