The CERT Coordination Center (CERT/CC) at Carnegie Mellon University warns of a vulnerability in Samsung's Magician software that, in certain cases, makes it possible to abuse the tool to infect computers with malware. Samsung Magician is a utility for managing, testing and updating Samsung SSDs.
Prior to version 5.0, the software's automatic update feature used unencrypted HTTP to check for and download new updates. With version 5.0, Samsung switched to HTTPS, but the tool did not properly validate the SSL certificate presented by the server. This allows an attacker on the same network as the victim to perform a man-in-the-middle attack: for example, the attacker could serve a malicious update that would then be executed with administrator privileges.
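The two weaknesses described above (HTTP for updates, then HTTPS without certificate validation) and the corrected configuration, as an added example in Python; this is illustrative code written for this page, not Samsung's updater, and the update URL, the sample payload and the digest are constructed placeholders:

```python
import hashlib
import hmac
import ssl
import urllib.request
from typing import Optional
from urllib.parse import urlparse

# Constructed placeholder; a real updater would read this from a signed manifest.
UPDATE_URL = "https://updates.example.invalid/magician/update.bin"


def insecure_context() -> ssl.SSLContext:
    """The weak pattern: TLS is negotiated, but the server's certificate chain
    and hostname are never validated, so an on-path attacker can terminate the
    connection with any certificate it likes."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False          # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_context() -> ssl.SSLContext:
    """The corrected configuration: chain verification against the system CA
    store, hostname matching, and a TLS version floor."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED and check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def context_is_hardened(ctx: ssl.SSLContext) -> bool:
    """Self-check an updater can run before any network I/O."""
    return bool(ctx.check_hostname) and ctx.verify_mode == ssl.CERT_REQUIRED


def url_allowed(url: str) -> bool:
    """Only https URLs may be fetched; a plain-http manifest entry is refused."""
    return urlparse(url).scheme == "https"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def payload_is_authentic(payload: bytes, expected_sha256: str) -> bool:
    """Transport-independent check: the downloaded bytes must match a digest
    obtained out of band. Constant-time comparison avoids timing leaks."""
    return hmac.compare_digest(sha256_hex(payload), expected_sha256.lower())


def fetch_update(url: str, expected_sha256: str,
                 ctx: Optional[ssl.SSLContext] = None) -> bytes:
    """Download an update and refuse to hand back bytes unless both the
    transport check and the content check pass."""
    ctx = ctx or hardened_context()
    if not url_allowed(url):
        raise ValueError(f"refusing non-https update URL: {url}")
    if not context_is_hardened(ctx):
        raise ValueError("TLS context does not verify the server certificate")
    with urllib.request.urlopen(url, context=ctx, timeout=30) as resp:
        payload = resp.read()
    if not payload_is_authentic(payload, expected_sha256):
        raise ValueError("update payload failed integrity check; not installing")
    return payload


if __name__ == "__main__":
    print("insecure context verifies peer:", context_is_hardened(insecure_context()))
    print("hardened context verifies peer:", context_is_hardened(hardened_context()))
    sample = b"constructed update payload"      # stands in for a real download
    print("digest match:", payload_is_authentic(sample, sha256_hex(sample)))
```

The point of splitting the check in two is that certificate validation only protects the channel; if the expected digest (or a signature) is fetched over the same unverified channel, an attacker who controls the connection can replace both the payload and its digest, so the integrity value must come from a source the attacker cannot alter, such as a signed manifest or a key shipped with the installer.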
Samsung has now released Magician 5.1. Because the automatic update feature itself is the vulnerable component, CERT/CC advises updating Samsung Magician manually until Samsung releases an update that fixes the vulnerability.