Magician

This hub aggregates every CVE we track for Magician, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 8 most recently published vulnerabilities affecting Magician.

• CVE-2025-57836An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a temporary folder with weak permissions during installation, allowing a non-admin user to perform ...7.8Jan 5, 2026
• CVE-2025-32098An issue was discovered in Samsung Magician 6.3 through 8.3 on Windows. An attacker can achieve Elevation of Privileges to SYSTEM by exploiting insecure file delete operations during the update pro...5.3Sep 2, 2025
• CVE-2024-53921An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installatio...2.8Dec 3, 2024
• CVE-2024-36071Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the directory and DLL files used during the installation process. This occurs because of an Untrusted Sear...6.3Jun 20, 2024
• CVE-2024-31953An issue was discovered in Samsung Magician 8.0.0 on macOS. Because it is possible to tamper with the directory and executable files used during the installation process, an attacker can escalate p...6.7May 9, 2024
• CVE-2024-31952An issue was discovered in Samsung Magician 8.0.0 on macOS. Because symlinks are used during the installation process, an attacker can escalate privileges via arbitrary file permission writes. (The...6.7May 9, 2024
• CVE-2024-23769Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 (for Windows) allows a local attacker to read privileged data.7.3Feb 7, 2024
• CVE-2017-3218Samsung Magician 5.0 fails to validate TLS certificates for HTTPS software update traffic. Prior to version 5.0, Samsung Magician uses HTTP for software updates.8.8Jun 21, 2017