CVE-2024-20804

Description

Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file.

CVSS Version 3.1

nvd
CVE ID: CVE-2024-20804
Base Score: 5.5
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Impact Score: 3.6
Exploitability Score: 1.8

samsung
CVE ID: CVE-2024-20804
Base Score: 4.0
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Impact Score: 1.4
Exploitability Score: 2.5

Refrence: NVD MITRE

Description​

Description