Sensitive Communication Vulnerability in Samsung Account
CVE-2023-42546

6.5MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Account
Vendor: CVE Published:; 7 November 2023

Summary

A vulnerability exists in the Samsung Account related to the use of implicit intents for sensitive communication. Attackers can exploit this flaw in versions prior to 14.5.00.7, potentially allowing unauthorized access to arbitrary files with the privileges associated with the Samsung Account. This risk emphasizes the importance of secure coding practices to prevent unauthorized data access.

Affected Version(s)

Samsung Account 14.5.00.7

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 7, 2023
Vulnerability Reserved
Sep 11, 2023