Improper Access Control in Samsung Push Service
CVE-2023-42542

3.3LOW

Key Information:

Vendor: Samsung
Status: Samsung Push Service
Vendor: CVE Published:; 7 November 2023

What is CVE-2023-42542?

An improper access control vulnerability has been identified in Samsung Push Service versions prior to 3.4.10. This flaw enables local attackers to exploit the system and retrieve the register ID used for device identification. This poses significant privacy risks as unauthorized individuals may potentially gain insights into the device's user information, leading to further security concerns.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Samsung Push Service 3.4.10

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 7, 2023
Vulnerability Reserved
Sep 11, 2023

JSON

Samsung