Improper Access Control Vulnerability in BixbyTouch by Samsung
CVE-2023-21465

5.5MEDIUM

Key Information:

Vendor

Samsung

Vendor
CVE Published:
16 March 2023

What is CVE-2023-21465?

An improper access control vulnerability exists in BixbyTouch for models in China prior to version 3.2.02.5, enabling untrusted applications to access local files without authorization. This poses a significant risk as it may lead to unauthorized data exposure and manipulation.

Affected Version(s)

Bixby Touch < 3.2.02.5

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.