### [CVE-2024-49406](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49406)
![](https://img.shields.io/static/v1?label=Product&message=Blockchain%20Keystore&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-354%20Improper%20Validation%20of%20Integrity%20Check%20Value&color=brightgreen)

### Description

Improper validation of integrity check value in Blockchain Keystore prior to version 1.3.16 allows local attackers to modify transaction. Root privilege is required for triggering this vulnerability.

### POC

#### Reference
- https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=11

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds