Skip to main content

Kies

6 CVEs product

Monthly

CVE-2022-39845 HIGH This Week

Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074 allows local attackers to delete arbitrary directory using directory junction. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Samsung Kies
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2022-30744 HIGH This Week

DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung RCE Kies
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-27843 HIGH This Week

DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute abitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Kies
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2015-8780 MEDIUM POC This Month

Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Path Traversal Samsung Kies
NVD GitHub
CVSS 3.0
6.4
EPSS
0.1%
CVE-2012-6429 CRITICAL POC THREAT Emergency

Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 49.9%.

RCE Samsung Buffer Overflow Kies
NVD Exploit-DB VulDB
CVSS 2.0
10.0
EPSS
49.9%
Threat
5.0
CVE-2012-2990 CRITICAL PATCH Act Now

The MASetupCaller ActiveX control before 1.4.2012.508 in MASetupCaller.dll in MarkAny ContentSAFER, as distributed in Samsung KIES before 2.3.2.12074_13_13, does not properly implement unspecified. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Samsung Code Injection RCE Kies
NVD
CVSS 2.0
9.3
EPSS
1.6%
EPSS 0% CVSS 7.1
HIGH This Week

Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074 allows local attackers to delete arbitrary directory using directory junction. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Samsung Kies
NVD
EPSS 0% CVSS 7.8
HIGH This Week

DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung RCE Kies
NVD
EPSS 0% CVSS 7.8
HIGH This Week

DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute abitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Kies
NVD
EPSS 0% CVSS 6.4
MEDIUM POC This Month

Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Path Traversal Samsung Kies
NVD GitHub
EPSS 50% 5.0 CVSS 10.0
CRITICAL POC THREAT Emergency

Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 49.9%.

RCE Samsung Buffer Overflow +1
NVD Exploit-DB VulDB
EPSS 2% CVSS 9.3
CRITICAL PATCH Act Now

The MASetupCaller ActiveX control before 1.4.2012.508 in MASetupCaller.dll in MarkAny ContentSAFER, as distributed in Samsung KIES before 2.3.2.12074_13_13, does not properly implement unspecified. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Samsung Code Injection RCE +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy