Samsung has recently launched Samsung Magician Software version 8.0.1, which fixes a high-risk vulnerability discovered by security researchers that allows low-privileged accounts to access data of higher-privileged accounts. The vulnerability is numbered CVE-2024-23769 and has a CVSS score of 7.3. It was initially reported to Samsung by researchers on October 30, 2023 and confirmed.
It is not easy to exploit this vulnerability, because this is not a remote vulnerability. To perform the attack, hackers must have access to systems running Samsung Magician 8.0.0 and below.
For example, a hacker uses a GUEST account with lower permissions to access Samsung Magician software, and exploits the vulnerability to access the data of users with administrator rights.
Although the impact of this vulnerability is relatively small for most users, if the user has installed and frequently uses Samsung Magician, it is recommended to update it.
You can download the latest version here: https://semiconductor.samsung.com/consumer-storage/support/tools/