{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T18:31:55.764","vulnerabilities":[{"cve":{"id":"CVE-2019-6744","sourceIdentifier":"zdi-disclosures@trendmicro.com","published":"2020-02-10T21:53:39.410","lastModified":"2024-11-21T04:47:03.043","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"This vulnerability allows local attackers to disclose sensitive information on affected installations of Samsung Knox 1.2.02.39 on Samsung Galaxy S9 build G9600ZHS3ARL1 Secure Folder. An attacker must first obtain physical access to the device in order to exploit this vulnerability. The specific flaws exists within the the handling of the lock screen for Secure Folder. The issue results from the lack of proper validation that a user has correctly authenticated. An attacker can leverage this vulnerability to disclose the contents of the secure container. Was ZDI-CAN-7381."},{"lang":"es","value":"Esta vulnerabilidad permite a atacantes locales revelar información confidencial sobre las instalaciones afectadas de Samsung Knox versión 1.2.02.39, en Samsung Galaxy S9 build G9600ZHS3ARL1 Secure Folder. Un atacante primero debe obtener acceso físico al dispositivo a fin de explotar esta vulnerabilidad. Los fallos específicos se presentan en el manejo de la pantalla de bloqueo para Secure Folder. El problema resulta de la falta de comprobación apropiada que un usuario ha autenticado correctamente. Un atacante puede aprovechar esta vulnerabilidad para revelar el contenido del contenedor seguro. Fue ZDI-CAN-7381."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.7,"impactScore":3.6}],"cvssMetricV30":[{"source":"zdi-disclosures@trendmicro.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.7,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"zdi-disclosures@trendmicro.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:samsung:knox:1.2.02.39:*:*:*:*:*:*:*","matchCriteriaId":"A3BF44F4-2469-47AD-AE4D-C49B9F774CE1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:samsung:galaxy_s9:-:*:*:*:*:*:*:*","matchCriteriaId":"3CE4730C-0430-429C-9723-76219B46F092"}]}]}],"references":[{"url":"https://security.samsungmobile.com/securityUpdate.smsb","source":"zdi-disclosures@trendmicro.com","tags":["Not Applicable"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-19-515/","source":"zdi-disclosures@trendmicro.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://security.samsungmobile.com/securityUpdate.smsb","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-19-515/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}