Samsung Magician
8 CVEs affecting Samsung Magician. Latest disclosed: 2026-01-05. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-3218 | High | 8.8 | 2017-06-21 | Samsung Magician 5.0 fails to validate TLS certificates for HTTPS software update traffic. Prior to version 5.0, Samsung Magician uses HTTP for software update… |
CVE-2025-57836 | High | 7.8 | 2026-01-05 | An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a temporary folder with weak permissions during installation… |
CVE-2024-23769 | High | 7.3 | 2024-02-07 | Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 (for Windows) allows a local attacker to read privileged data. |
CVE-2024-31953 | Medium | 6.7 | 2024-05-14 | An issue was discovered in Samsung Magician 8.0.0 on macOS. Because it is possible to tamper with the directory and executable files used during the installati… |
CVE-2024-31952 | Medium | 6.7 | 2024-05-14 | An issue was discovered in Samsung Magician 8.0.0 on macOS. Because symlinks are used during the installation process, an attacker can escalate privileges via… |
CVE-2024-36071 | Medium | 6.3 | 2024-06-20 | Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the directory and DLL files used during the installation process. Th… |
CVE-2025-32098 | Medium | 5.3 | 2025-09-02 | An issue was discovered in Samsung Magician 6.3 through 8.3 on Windows. An attacker can achieve Elevation of Privileges to SYSTEM by exploiting insecure file d… |
CVE-2024-53921 | Low | 2.8 | 2024-12-03 | An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via… |