CVE-2012-3810

HIGH

Samsung Kies <2.5.0.12094 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-3810. PoCs published by High-Tech Bridge SA.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in Samsung Kies, including a NULL pointer dereference (CVE-2012-3806) and arbitrary file execution/modification (CVE-2012-3807, CVE-2012-3808, CVE-2012-3809, CVE-2012-3810) via ActiveX controls. The PoC code triggers crashes or executes arbitrary commands through vulnerable methods in the CmdAgent.dll library.

Description

Samsung Kies before 2.5.0.12094_27_11 has registry modification.

Exploits (1)

exploitdb WORKING POC
by High-Tech Bridge SA · textremotewindows
https://www.exploit-db.com/exploits/22007

The exploit demonstrates multiple vulnerabilities in Samsung Kies, including a NULL pointer dereference (CVE-2012-3806) and arbitrary file execution/modification (CVE-2012-3807, CVE-2012-3808, CVE-2012-3809, CVE-2012-3810) via ActiveX controls. The PoC code triggers crashes or executes arbitrary commands through vulnerable methods in the CmdAgent.dll library.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Samsung Kies 2.3.2.12054_20
No auth needed
Prerequisites: Victim must have Samsung Kies installed · Victim must visit a malicious webpage or open a malicious HTML file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
https://www.securityfocus.com/bid/55936
Third Party Advisory x_refsource_misc
https://www.tenable.com/plugins/nessus/65612
Third Party Advisory, VDB Entry x_refsource_misc
https://packetstormsecurity.com/files/cve/CVE-2012-3809

Scores

CVSS v3 7.5
EPSS 0.0499
EPSS Percentile 91.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

Status published
Products (1)
samsung/kies < 2.5.0.12094_27_11
Published Jan 09, 2020
Tracked Since Feb 18, 2026