Top Samsung Software Hit by attackers to spread malware and kidnapping equipment

Security researchers have abused the wild in Samsung Magicinfo 9 server
It is being used to deploy malware
The bug was fixed in August 2024, so users should now patch

Cyber criminals are misusing a vulnerability in the Samsung Magicinfo 9 server that was patched about a year ago.

Cyber Safety Researchers SSD-evolution published an intensive analysis of the threat against the company’s digital signage content management system (CMS) and published a proof-off-concept (POC).

It is used to manage, schedule and monitor multimedia content in Samsung Smart Displays, and is a popular solution in various industries such as retail, or transport.

POC and misconduct

In August 2024, Samsung announced a remote code execution vulnerability. This described it as an inappropriate range of a patname for a banned directory vulnerability, allowing the attackers to write arbitrary files as a system authority “. It was tracked as CVE-2024–7399, and was given a severity score of 8.8/10 (high).

BlappingCopper It is described as the ability to upload malware through a file upload functionality to update the display content. Samsung addressed it in the 21.1050 edition.

Despite being fixed about a year ago, the danger actors are getting unpublished closing points to target. SSD-Disclosure said the attackers are uploading malicious .JSP files.

In addition, the security firm Arctic Wolf said how, several days after the POC was released, it is levying the blame.

Researchers said, “Given the low barrier to exploitation and the availability of a public POC, the danger actors are likely to continue to target this vulnerability,” the researchers said.

We do not know how successful these attacks are, who are the actors of danger, or how many organizations are suffering. We also do not know that actor -based actors are focusing on a specific industry, or if they are just cast a wide net.

In any case, organizations using Samsung Magicinfo 9 servers are advised to apply the latest patch, or at least bring your software to 21.1050 version 21.1050 to reduce the risk.

Through BlappingCopper

What's Hot

I tried 0patch as a last resort for my Windows 10 PC – here’s how it compares to its promises

A PC Expert Explains Why Don’t Use Your Router’s USB Port When These Options Are Present

New ‘Remote Labor Index’ shows AI fails 97% of the time in freelancer tasks

Why I recommend this budget Motorola phone over cheaper options from Samsung and Google

Do you have a Samsung TV? I changed these 6 settings to speed up the entire system

Holding the Samsung Galaxy Z Trifold made me believe in foldable phones again – and I’m not alone

Microsoft’s new text editor is a VIM and Nano option

The best luxury car for buyers for the first time in 2025

Massives Datenleck in Cloud-Spichenn | CSO online

Most Popular

Google tests AI-operated audio overview in search results for some questions

Yes, this was the original voice of the Garat in the trailer for the thief VR

Best LC10 loadout in call of duty: Warzone

Our Picks