Improper Privilege Management in Samsung Smart Switch for Windows Installer
CVE-2023-30672

6.8MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Smart Switch
Vendor: CVE Published:; 6 July 2023

What is CVE-2023-30672?

A vulnerability exists within the Samsung Smart Switch for Windows Installer that permits attackers to exploit improper privilege management mechanisms. This flaw allows an unauthorized user to create a directory junction, which could lead to a scenario where the system may experience a permanent Denial of Service (DoS). It is crucial for users to update their software to version 4.3.23043_3 or later to mitigate any potential risks associated with this vulnerability.

Affected Version(s)

Samsung Smart Switch 4.3.23043_3

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 6, 2023
Vulnerability Reserved
Apr 14, 2023