CVE-2021-39373
HIGHSamsung Drive Manager 2.0.104 - Insufficiently Protected Credentials via WideCharToMultiByte and WideCharStr
Title source: llmDescription
Samsung Drive Manager 2.0.104 on Samsung H3 devices allows attackers to bypass intended access controls on disk management. WideCharToMultiByte, WideCharStr, and MultiByteStr can contribute to password exposure.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/bosslabdcu/Vulnerability-Reporting/security/advisories/GHSA-j3f7-346q-97f4
Scores
CVSS v3
7.8
EPSS
0.0005
EPSS Percentile
14.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-522
Status
published
Products (1)
samsung/drive_manager
2.0.104
Published
Sep 01, 2021
Tracked Since
Feb 18, 2026