A high-severity vulnerability (CVE-2024-7399) in Samsung’s MagicINFO content management system has been exploited soon after its proof-of-concept code was released, allowing unauthenticated attackers to upload JSP files and execute arbitrary server-side code. Samsung addressed this issue with a patch in version 21.1050 of MagicINFO 9 Server. Organizations are urged to update their systems promptly to mitigate the risk of exploitation.
Key points:
- The vulnerability is tracked as CVE-2024-7399 with a CVSS score of 8.8.
- It involves improper limitations on file pathnames within the Samsung MagicINFO 9 Server.
- An unauthenticated attacker can upload JSP files due to insufficient input sanitization.
- This flaw may permit remote code execution, posing significant security risks.
- Samsung released a patch for this vulnerability in version 21.1050 of MagicINFO 9 Server in August 2024.
- Exploitation has been observed in the wild following the publication of PoC code on April 30, 2025.
- Organizations are advised to promptly update to version 21.1050 or newer to protect their systems.
- MagicINFO serves as a comprehensive solution for managing and distributing content across linked displays.
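The weakness class the key points describe (a client-supplied filename that is neither confined to the upload directory nor screened for server-executable extensions, so a JSP lands where the application server will run it) and the patch-level check from the advisory, as an added example that is not part of the original article and is not Samsung's MagicINFO code: the upload root, the extension policy, the function names and the assumed format of the version string are all constructed assumptions, and nothing here reflects the product's real endpoints or directory layout.

```python
"""Generic illustration of an unsafe upload-path pattern beside a hardened one,
plus a version check against the fix level named in the advisory (21.1050).

Added example code. Not Samsung's MagicINFO code; all paths, names and the
extension policy below are constructed assumptions.
"""
import re
from pathlib import Path

# Constructed: directory where uploaded content is supposed to land (assumption).
UPLOAD_ROOT = Path("/srv/content/uploads")

# Extensions a JSP/servlet container may execute server-side; never accept them
# from a client (constructed policy, not the product's).
EXECUTABLE_EXTENSIONS = {".jsp", ".jspx", ".jspf", ".jsw", ".jsv", ".war", ".jar"}
# Content types a signage system plausibly needs (constructed allow-list).
ALLOWED_EXTENSIONS = {".png", ".jpg", ".jpeg", ".mp4", ".pdf"}

# Fix level stated in the advisory for MagicINFO 9 Server.
FIXED_VERSION = (21, 1050)


class UnsafeFilename(ValueError):
    """Raised when a client-supplied filename fails validation."""


def vulnerable_target_path(filename: str) -> Path:
    """The 'before' pattern: join the client filename straight onto the root.

    Nothing rejects traversal or executable extensions, so a name such as
    '../webapps/ROOT/x.jsp' resolves outside UPLOAD_ROOT and stays executable.
    """
    return UPLOAD_ROOT / filename


def hardened_target_path(filename: str) -> Path:
    """Validate the client-supplied name before it touches the filesystem.

    1. Reject separators, traversal sequences, NULs and odd characters outright.
    2. Deny server-executable extensions anywhere in the name (catches
       'x.jsp.png' style double extensions), then require an allow-listed one.
    3. Canonicalise and confirm the result is still inside UPLOAD_ROOT.
    """
    if not filename or len(filename) > 255:
        raise UnsafeFilename("empty or overlong filename")
    if any(c in filename for c in ("/", "\\", "\x00")) or ".." in filename:
        raise UnsafeFilename("path separator or traversal sequence in filename")
    if not re.fullmatch(r"[A-Za-z0-9._-]+", filename):
        raise UnsafeFilename("filename contains disallowed characters")
    suffixes = {s.lower() for s in Path(filename).suffixes}
    if suffixes & EXECUTABLE_EXTENSIONS:
        raise UnsafeFilename("server-executable extension rejected")
    if Path(filename).suffix.lower() not in ALLOWED_EXTENSIONS:
        raise UnsafeFilename("extension not on the allow-list")
    # Defence in depth: even after the checks above, verify containment.
    root = UPLOAD_ROOT.resolve()
    target = (UPLOAD_ROOT / filename).resolve()
    if root not in target.parents:
        raise UnsafeFilename("resolved path escapes the upload root")
    return target


def is_safe_upload_name(filename: str) -> bool:
    """Convenience wrapper: True if the hardened check accepts the name."""
    try:
        hardened_target_path(filename)
        return True
    except UnsafeFilename:
        return False


def is_patched(version: str) -> bool:
    """True if a MagicINFO 9 Server version string is 21.1050 or newer.

    Assumes a dotted numeric version string and compares component-wise
    (assumption about the product's version format).
    """
    parts = tuple(int(p) for p in re.findall(r"\d+", version))
    if not parts:
        raise ValueError(f"unparseable version string: {version!r}")
    return parts >= FIXED_VERSION


if __name__ == "__main__":
    for name in ("banner.png", "../x.jsp", "x.jsp", "x.jsp.png", "clip.MP4"):
        print(f"{name!r:16} vulnerable -> {vulnerable_target_path(name)}  "
              f"hardened accepts: {is_safe_upload_name(name)}")
    for v in ("21.1040", "21.1050", "21.1050.3"):
        print(f"version {v}: patched={is_patched(v)}")
```

The containment check at the end is deliberately redundant with the character filter: if a later change loosens the regex, the `resolve()` step still refuses anything that lands outside the upload root, and the extension checks still stop an executable file from being written even inside it.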
Read More: https://www.securityweek.com/samsung-magicinfo-vulnerability-exploited-days-after-poc-publication/