Improper Authentication Vulnerability in Samsung Gallery
CVE-2023-30724

4MEDIUM

Key Information:

Vendor: Samsung
Status: Gallery
Vendor: CVE Published:; 6 September 2023

What is CVE-2023-30724?

An improper authentication vulnerability exists in the GallerySearchProvider component of Samsung's Gallery app prior to version 14.5.01.2. This security flaw permits unauthorized users to access and potentially exploit search history, compromising user privacy. It is critical for users of the affected versions to update to the most recent version to ensure their data security.

Affected Version(s)

Gallery 14.5.01.2

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 6, 2023
Vulnerability Reserved
Apr 14, 2023