Protection Mechanism Failure in Samsung Blockchain Keystore Product
CVE-2023-30722

5.5MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Blockchain Keystore
Vendor: CVE Published:; 6 September 2023

What is CVE-2023-30722?

A protection mechanism failure in the Samsung Blockchain Keystore's bc_tui trustlet allows a local attacker to potentially execute arbitrary code. This vulnerability affects versions prior to 1.3.13.5, highlighting the importance of updating to the latest version to mitigate risks associated with unauthorized code execution capabilities.

Affected Version(s)

Samsung Blockchain Keystore 1.3.13.5

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 6, 2023
Vulnerability Reserved
Apr 14, 2023