Vulnerability Database

309,364

Total vulnerabilities in the database

CVE-2024-20837

Improper handling of granting permission for Trusted Web Activities in Samsung Internet prior to version 24.0.0.41 allows local attackers to grant permission to their own TWA WebApps without user interaction.

  • Published: Mar 5, 2024
  • Updated: Nov 16, 2025
  • CVE: CVE-2024-20837
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.3
  • AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

No CWE or OWASP classifications available.

Software From Fixed in
samsung / internet - 24.0.0.41