Improper Access Control in Galaxy Store by Samsung
CVE-2023-21483

6.4MEDIUM

Key Information:

Vendor: Samsung
Status: Galaxy Store
Vendor: CVE Published:; 3 September 2025

What is CVE-2023-21483?

An improper access control vulnerability has been discovered in the Galaxy Store, allowing local attackers to exploit exported services to gain access to protected user data. This vulnerability underscores the need for enhanced security measures to safeguard sensitive information against unauthorized access. It is crucial for users to update their application to the latest version to mitigate potential risks.

Affected Version(s)

Galaxy Store 4.5.53.6

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

6.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 3, 2025
Vulnerability Reserved
Nov 14, 2022