Vulnerability cyber

Samsung

May 15, 2025 1 min read
Samsung

Companies running Samsung MagicINFO, a platform for managing content on Samsung commercial digital displays, should upgrade to the latest available version of its v9 branch to fix a vulnerability that’s reportedly being exploited by attackers. The vulnerability in question was believed to be CVE-2024-7399, which was fixed in August 2024. However, confusion arose due to inconsistent information from Samsung. The latest hotfix, MagicINFO 9 Server (Hotfix) 21.1052, mitigates the issue. There is no hotfix for MagicINFO v8, so users should switch to v9 and do it in a particular way: first upgrade to v9 21.1050, and then update to v9 (Hotfix) 21.1052. All customers should investigate whether their instances have been compromised.

Source: https://www.helpnetsecurity.com/2025/05/15/samsung-patches-magicinfo-9-server-vulnerability-exploited-by-attackers/

TPRM report: https://scoringcyber.rankiteo.com/company/samsung-electronics

"id": "sam732051525",
"linkid": "samsung-electronics",
"type": "Vulnerability",
"date": "5/2025",
"severity": "25",
"impact": "",
"explanation": "Attack without any consequences: Attack in which data is not compromised"
{'affected_entities': [{'industry': 'Technology',
                        'name': 'Samsung',
                        'type': 'Company'}],
 'date_resolved': 'August 2024',
 'description': 'Companies running Samsung MagicINFO, a platform for managing '
                'content on Samsung commercial digital displays, should '
                'upgrade to the latest available version of its v9 branch to '
                'fix a vulnerability that’s reportedly being exploited by '
                'attackers. The vulnerability in question was believed to be '
                'CVE-2024-7399, which was fixed in August 2024. However, '
                'confusion arose due to inconsistent information from Samsung. '
                'The latest hotfix, MagicINFO 9 Server (Hotfix) 21.1052, '
                'mitigates the issue. There is no hotfix for MagicINFO v8, so '
                'users should switch to v9 and do it in a particular way: '
                'first upgrade to v9 21.1050, and then update to v9 (Hotfix) '
                '21.1052. All customers should investigate whether their '
                'instances have been compromised.',
 'impact': {'systems_affected': 'Samsung MagicINFO'},
 'recommendations': ['Upgrade to the latest available version of MagicINFO v9 '
                     'branch'],
 'response': {'communication_strategy': ['All customers should investigate '
                                         'whether their instances have been '
                                         'compromised'],
              'remediation_measures': ['Upgrade to MagicINFO v9 21.1050',
                                       'Update to MagicINFO v9 (Hotfix) '
                                       '21.1052']},
 'title': 'Samsung MagicINFO Vulnerability Exploitation',
 'type': 'Vulnerability Exploitation',
 'vulnerability_exploited': 'CVE-2024-7399'}
Published by
Jeremy C
Jeremy C
You might also like
Vulnerability cyber

Apple

public 1 min read
A zero-click attack leveraging a newly disclosed Messages vulnerability (CVE-2025-43200) has infected the iPhones of two European journalists with Paragon&…
Jeremy C Jeremy C
Vulnerability cyber

Apache2

public 2 min read
A critical zero-day vulnerability (CVE-2025-33053) in WebDAV implementations allows remote code execution. Advanced persistent threat (APT) groups have actively exploited…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.