My CVEs
All of my CVEs are documented here.
CVE-2024-4406
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Xiaomi Pro 13 smartphones. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
References
- https://www.zerodayinitiative.com/advisories/ZDI-24-419/
- https://trust.mi.com/misrc/bulletins/advisory?cveId=545
- Advisory: https://www.nccgroup.com/us/research-blog/technical-advisory-xiaomi-13-pro-code-execution-via-getapps-dom-cross-site-scripting-xss/
- Backup advisory - https://yogehi.github.io/cves/cve-2024-4406.html
CVE-2023-21433
Some versions of the Galaxy App Store on certain versions of Android could have been abused to install other applications available on the Galaxy App Store.
References
- https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=1 - January 2023
- Advisory - https://research.nccgroup.com/2023/01/20/technical-advisory-multiple-vulnerabilities-in-the-galaxy-app-store-cve-2023-21433-cve-2023-21434/
- Backup advisory - https://yogehi.github.io/cves/cve-2023-21433.html
CVE-2023-21434
Some versions of the Galaxy App Store could have been abused to launch a webview which would execute arbitrary JavaScript.
References
- https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=1 - January 2023
- Advisory - https://research.nccgroup.com/2023/01/20/technical-advisory-multiple-vulnerabilities-in-the-galaxy-app-store-cve-2023-21433-cve-2023-21434/
- Backup advisory - https://yogehi.github.io/cves/cve-2023-21434.html
CVE-2022-28775
Some versions of the Samsung Flow application could have been abused to gain access to the external storage area of the device.
References
- https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=4 - April 2022
- https://www.cvedetails.com/cve/CVE-2022-28775
- Advisory - https://labs.f-secure.com/advisories/samsung-flow-any-app-can-read-the-external-storage/
- Backup advisory - https://yogehi.github.io/cves/cve-2022-28775.html
CVE-2022-28776
Some versions of the Galaxy App Store could have been abused to install other applications available on the Galaxy App Store.
References
- https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=4 - April 2022
- https://www.cvedetails.com/cve/CVE-2022-28776
- Advisory - https://labs.f-secure.com/advisories/samsung-galaxy-any-app-can-install-any-app/
- Backup advisory - https://yogehi.github.io/cves/cve-2022-28776.html
CVE-2022-22288
Some versions of the Galaxy App Store could have been abused to install a malicious application.
References
- https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=1 - January 2022
- https://www.cvedetails.com/cve/CVE-2022-22288
- Advisory - https://labs.f-secure.com/advisories/samsung-galaxy-one-tap-install-malicious-application/
- Backup advisory - https://yogehi.github.io/cves/cve-2022-22288.html
CVE-2021-25374
Some versions of Samsung Members Android application could have been abused to access a victim’s Samsung Account.
References
- https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=4 - April 2021
- https://www.cvedetails.com/cve/CVE-2021-25374
- Advisory - https://labs.f-secure.com/advisories/samsung-s20-gain-access-to-samsung-account/
- Backup advisory - https://yogehi.github.io/cves/cve-2021-25374.html
PoC:
CVE-2021-25367
Some versions of Samsung Notes Android application could have been abused to access local files without permission.
References
- https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=2 - February 2021
- https://www.cvedetails.com/cve/CVE-2021-25367
- Advisory - https://labs.f-secure.com/advisories/samsung-s20-access-external-storage-files/
- Backup advisory - https://yogehi.github.io/cves/cve-2021-25367.html
CVE-2021-25354
Some versions of Samsung Internet Android application could have been abused to open non-exported activities via malicious deeplink.
References
- https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=2 - February 2021
- https://www.cvedetails.com/cve/CVE-2021-25354
- Advisory up - https://labs.f-secure.com/advisories/open-activities-via-samsung-browser/
- Backup advisory - https://yogehi.github.io/cves/cve-2021-25354.html
CVE-2019-15972
Some versions of Cisco Unified Communications Manager’s admin portal had an authenticated SQLi issue.
References:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-cucm-sql
- https://www.cvedetails.com/cve/CVE-2019-15972
- Advisory - https://labs.f-secure.com/advisories/cisco-ucm-informix-sql-injection/
- Backup advisory - https://yogehi.github.io/cves/cve-2019-15972.html
- Write up - https://labs.f-secure.com/blog/uncommon-sql-database-alert-informix-sql-injection/
- Backup write up - https://yogehi.github.io/published-research/informix-sql-injection.html
PoC:
CVE-2018-4348
Some versions of macOS had a DoS issue on their login screen.
References:
- https://support.apple.com/en-us/HT209193
- https://support.apple.com/en-us/HT209139
- https://www.cvedetails.com/cve/CVE-2018-4348
- Advisory - https://labs.f-secure.com/advisories/macos-user-interface-denial-of-service/
- Backup advisory - https://yogehi.github.io/cves/cve-2018-4348.html