CVE-2024-34585

Vulnerability

The vulnerability exists in the launchApp function of SystemUI on Samsung mobile devices prior to the SMR Jul-2024 Release 1 security update. Improper access control allows local applications to bypass intended restrictions and launch privileged activities without proper authorization [1]. The affected versions are those running Samsung firmware earlier than the July 2024 security patch level.

Exploitation

An attacker needs local access to the device and must be able to execute a malicious application. No additional permissions or user interaction beyond launching the app are required. The attacker triggers launchApp with crafted parameters that bypass the insufficient access control checks, causing SystemUI to launch a privileged activity that should not be accessible to third-party apps [1].

Impact

Successful exploitation allows the attacker to launch privileged activities, potentially leading to elevation of privilege. This could enable the attacker to access sensitive system functions, modify system settings, or access protected data that are normally restricted to higher-privileged components [1].

Mitigation

The vulnerability is fixed in the Samsung Mobile Security update SMR Jul-2024 Release 1, released in July 2024. Users should update their devices to the latest firmware available [1]. No workarounds are documented in the available reference. Devices that have reached end-of-life and do not receive security updates remain vulnerable.