CVE-2012-3807

CRITICAL

Samsung Kies <2.5.0.12094 - Code Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-3807.

AI-analyzed exploit summary The provided code contains functional exploit proof-of-concept (PoC) for multiple vulnerabilities in Samsung Kies, including a NULL pointer dereference (CVE-2012-3806) and arbitrary file execution/modification (CVE-2012-3807, CVE-2012-3808). The PoCs leverage ActiveX controls to trigger crashes or execute arbitrary commands.

Description

Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution.

Exploits (1)

exploitdb WORKING POC
remotewindows
https://www.exploit-db.com/exploits/22007

The provided code contains functional exploit proof-of-concept (PoC) for multiple vulnerabilities in Samsung Kies, including a NULL pointer dereference (CVE-2012-3806) and arbitrary file execution/modification (CVE-2012-3807, CVE-2012-3808). The PoCs leverage ActiveX controls to trigger crashes or execute arbitrary commands.

Classification
Working Poc 100%
Attack Type
Rce | Dos
Complexity
Trivial
Reliability
Reliable
Target: Samsung Kies 2.3.2.12054_20
No auth needed
Prerequisites: Victim must have Samsung Kies installed · Victim must visit a malicious webpage or open a malicious HTML file
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
https://www.securityfocus.com/bid/55936
Third Party Advisory, VDB Entry x_refsource_misc
https://packetstormsecurity.com/files/cve/CVE-2012-3806
Third Party Advisory x_refsource_misc
https://www.tenable.com/plugins/nessus/65612

Scores

CVSS v3 9.8
EPSS 0.3486
EPSS Percentile 97.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (1)
samsung/kies < 2.5.0.12094_27_11
Published Jan 09, 2020
Tracked Since Feb 18, 2026