{"cve":{"cve_id":"CVE-2024-34597","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00154,"epss_percentile":0.04857,"epss_as_of":"2026-06-23","description":"Improper input validation in Samsung Health prior to version 6.27.0.113 allows local attackers to write arbitrary document files to the sandbox of Samsung Health. User interaction is required for triggering this vulnerability.","published_at":"2024-07-02T09:23:37.348000Z","last_modified_at":null,"cvss_v3_score":4.4,"cvss_v3_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"none","ssvc_automatable":false,"ssvc_technical_impact":"partial","cwes":null,"nvd_references":["https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=07"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-29T02:00:20.813544Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"L","value_label":"Local"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"R","value_label":"Required"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"N","value_label":"None"},{"metric":"I","name":"Integrity","value":"L","value_label":"Low"},{"metric":"A","name":"Availability","value":"L","value_label":"Low"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"samsung-mobile","vendor_name":"Samsung Mobile","product_slug":"samsung-health","product_name":"Samsung Health","version_start":"6.27.0.113","version_start_inclusive":true,"version_end":"6.27.0.113","version_end_inclusive":true,"cpe23_uri":"cve5:samsung-mobile:samsung-health:6.27.0.113:6.27.0.113"}],"exploit_refs":[],"news":[],"references":[{"url":"https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=07","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2024-07-02T09:23:37.348000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:35:56.094721Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:35:56.094721Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:35:56.094721Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T02:00:20.813544Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T02:00:20.813544Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T02:00:20.813544Z","label":"SSVC decision revised","source":"vulnrichment"}]}