Samsung MagicINFO Vulnerability Exploited Days After PoC Publication

A high-severity vulnerability (CVE-2024-7399) in Samsung’s MagicINFO content management system, which allows unauthenticated attackers to upload JSP files and execute arbitrary server-side code, has been exploited soon after proof-of-concept code for it was released. Samsung addressed this issue with a patch in version 21.1050 of MagicINFO 9 Server. Organizations are urged to update their systems promptly to mitigate the risk of exploitation.

Key points:

  • The vulnerability is tracked as CVE-2024-7399 with a CVSS score of 8.8.
  • It involves improper limitation of file pathnames in Samsung MagicINFO 9 Server.
  • An unauthenticated attacker can upload JSP files due to insufficient input sanitization.
  • This flaw may permit remote code execution, posing significant security risks.
  • Samsung released a patch for this vulnerability in version 21.1050 of MagicINFO 9 Server in August 2024.
  • Exploitation has been observed in the wild following the publication of PoC code on April 30, 2025.
  • Organizations are advised to promptly update to version 21.1050 or newer to protect their systems.
  • MagicINFO serves as a comprehensive solution for managing and distributing content across linked displays.

Read More: https://www.securityweek.com/samsung-magicinfo-vulnerability-exploited-days-after-poc-publication/