Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-25344PUBLISHED: 2021-03-04Missing permission check in knox_custom service prior to SMR Mar-2021 Release 1 allows attackers to gain access to device's serial number without permission.
CVE-2021-25345PUBLISHED: 2021-03-04Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format.
CVE-2021-25346PUBLISHED: 2021-03-04A possible arbitrary memory overwrite vulnerabilities in quram library version prior to SMR Jan-2021 Release 1 allow arbitrary code execution.
CVE-2021-25347PUBLISHED: 2021-03-04Hijacking vulnerability in Samsung Email application version prior to SMR Feb-2021 Release 1 allows attackers to intercept when the provider is executed.
CVE-2021-25348PUBLISHED: 2021-03-04Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission.
User Rank: Author
6/1/2016 | 6:17:52 PM
This is still very early days, and one can imagine all manner of places it won't work (what if you only have 2 employees with a particular job title?), but if it's even useful 1/4th the time in a large organization, that might still be a big step forward for accelerating early detection.