Zip Path Traversal Vulnerability in Samsung Calendar Application
CVE-2023-30678

5.1MEDIUM

Key Information:

Vendor: Samsung
Status: Calendar
Vendor: CVE Published:; 6 July 2023

Summary

A zip path traversal vulnerability exists in the Samsung Calendar application for Android 13. This flaw allows attackers to exploit the system, enabling them to write arbitrary files on the device. The vulnerability affects versions prior to 12.4.07.15. Users are urged to update their applications to the latest version for protection against potential attacks.

Affected Version(s)

Calendar 12.4.07.15 in Android 13

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 6, 2023
Vulnerability Reserved
Apr 14, 2023