Samsung Magician Software updated after ‘high severity’ security vulnerability found

Samsung's 990 Evo PCIe 4.0/PCIe 5.0 SSD.
(Image credit: Samsung)

Samsung has issued an update to its Magician Software for Windows after a “high severity” vulnerability was found (h/t ComputerBase). The Samsung Magician Software is the firm’s feature-packed storage management utility, but version 8.0.0 is now known to be affected by CVE-2024-23769. Samsung released version 8.0.1 of this utility for PC users, fixing the vulnerability.

The vulnerability with identifier CVE-2024-23769 has a CVE score of 7.3 and is thus classified as a high-severity security issue. According to Samsung, the vulnerability was first reported back on October 30 last year, and it credits Masahiro Iida for reporting the issue.

In typical technical terms, Samsung and NIST describe the vulnerability as allowing “improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 (for Windows) allows a local attacker to read privileged data.”

What the above means is that an attacker could access the information of a user with higher-level privileges when using a Windows system running Samsung’s software. For example, a guest user may be able to access an admin user’s files. To exploit the vulnerability, the attacker would need local access to the machine with Samsung Magician Software 8.0.0 installed.

(Image credit: Future)

If you have a Samsung SSD, thumb drive, or memory card and use the Windows version of Magician Software, you can head to the downloads page to snag this updated version 8.0.1 release. Android and macOS users are still okay with version 8.0.0, it seems. Furthermore, we don’t know of any other changes delivered to version 8.0.1 for Windows, as there are no release notes for this particular point upgrade (at the time of writing). The newest Windows software installer is a 186MB download.

Samsung SSDs rank highly in our extensively researched and frequently updated Best SSDs 2024: From Budget SATA to Blazing-Fast NVMe feature. In fact, the Samsung 990 Pro, which we reviewed in October 2022, earns the enviable position of the best overall and best M.2 pick from the mass of SSD storage options currently available. It is not to be confused with the similarly named Samsung 990 EVO SSD, which only earned three stars in our review earlier this month.

Mark Tyson
Freelance News Writer

Mark Tyson is a Freelance News Writer at Tom's Hardware US. He enjoys covering the full breadth of PC tech; from business and semiconductor design to products approaching the edge of reason.

  • WrongRookie
    Does this fix the issue " SSD could not be verified on server check proxy"?

    I tried the software and it doesn't even let me change some of the settings for my 980 Pro let alone do a diagnostic scan.
  • waltc3
    I updated to this weeks ago through the update notice in the Magician software. Very easy to do. BTW, I have no problems with settings for my 980 Pro 500GB or my 980 Pro 2TB version, diagnostics work fine.
  • USAFRet

    "Users should update this SSD toolbox to version 8.0.1."

  • waltc3
    Mine says 8.0.1 is the latest version. I'd recommend you reinstall...Also, mine opens on a small screen every time, so I'd advise you look more carefully at the software before making weird pronouncements about it. Works perfectly here. My Samsung firmware has also been updated more than once. That's wrong, too.
  • Alvar "Miles" Udell
    Jesus, it also now launches full screen instead of an appropriately sized window and is not manually resizable. Good thing Samsung never updates the firmware of their drives so I don't have to launch it.