Hackers Exploit Samsung MagicINFO Flaw After PoC Leak


Cybercriminals wasted no time exploiting a critical vulnerability in Samsung’s MagicINFO system just days after a proof-of-concept (PoC) exploit was published online, according to new findings from Arctic Wolf.

The flaw, tracked as CVE-2024-7399 and rated 8.8 on the CVSS scale, affects MagicINFO 9 Server and stems from improper restrictions on file path handling. Due to weak input validation, attackers can upload malicious JavaServer Pages (JSP) files without authentication—leading to remote code execution (RCE) with system-level privileges.

This means an attacker doesn’t even need to log in to compromise the server.

Arctic Wolf reports that exploitation began shortly after a technical breakdown and PoC code were released publicly on April 30, 2025. Despite Samsung issuing a patch in version 21.1050 back in August 2024, the company hasn’t confirmed if the bug is being actively exploited. Still, Arctic Wolf’s telemetry confirms that attacks are already happening in the wild.

The issue lies in how MagicINFO processes filenames—it neither checks the file extension nor confirms user authentication. This allows bad actors to upload arbitrary files that the server may unknowingly execute.
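The three controls described above as missing (authentication, extension validation and path confinement) can be sketched as a server-side upload check. This is an added example, not Samsung's code or the published PoC; the function name, the extension allowlist and the file-name policy are assumptions chosen for illustration.

```python
import re
from pathlib import Path

# Assumed policy for this sketch: the only media types the server accepts.
ALLOWED_EXTENSIONS = {".png", ".jpg", ".jpeg", ".mp4"}
# A bare file name: no separators, colons, NUL bytes or leading dots.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,127}")


class UploadRejected(Exception):
    """Raised when an upload request fails a server-side check."""


def resolve_upload_path(upload_root, client_filename, authenticated):
    """Return the confined path to write to, or raise UploadRejected."""
    # 1. Authentication: anonymous requests never reach the file logic.
    if not authenticated:
        raise UploadRejected("authentication required")

    # 2. File name: reject anything that is not a plain name, which rules
    #    out "../" and "..\\" traversal instead of trying to sanitise it.
    if not SAFE_NAME.fullmatch(client_filename):
        raise UploadRejected("file name contains disallowed characters")

    # 3. Extension: allowlist on the final suffix, so .jsp (and any other
    #    server-executable type) is refused by default.
    if Path(client_filename).suffix.lower() not in ALLOWED_EXTENSIONS:
        raise UploadRejected("file type not allowed")

    # 4. Confinement: resolve symlinks and confirm the target still sits
    #    directly inside the upload directory before anything is written.
    root = Path(upload_root).resolve()
    target = (root / client_filename).resolve()
    if target.parent != root:
        raise UploadRejected("path escapes upload directory")
    return target
```

Storing uploads outside any directory the application server executes from adds a further layer if one of these checks is ever bypassed.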

Security experts warn that the combination of a publicly available exploit and minimal effort required to launch an attack makes this flaw especially dangerous. As a result, more threat groups are expected to take advantage of the vulnerability in the coming weeks.

MagicINFO serves as a powerful tool for content delivery and device management. It’s widely used by businesses to remotely create, deploy, and control digital signage content across multiple displays. If left unpatched, this vulnerability could provide attackers with a direct route into enterprise networks, potentially putting sensitive data and infrastructure at risk.

All users are strongly urged to update to MagicINFO 9 Server version 21.1050 or later immediately to stay protected. Applying the patch not only fixes this issue but ensures you’re safeguarded from similar threats in the future.
