CVE-2024-20805

Description

Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file.

CVSS Version 3.1

nvd
CVE ID: CVE-2024-20805
Base Score: 5.5
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Impact Score: 3.6
Exploitability Score: 1.8

samsung
CVE ID: CVE-2024-20805
Base Score: 3.3
Base Severity: LOW
Vector String:CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Impact Score: 1.4
Exploitability Score: 1.8

Refrence: NVD MITRE

Description​

Description