Improper Authentication in Samsung Pass Affects User Security
CVE-2023-42575
5.4MEDIUM
Summary
An improper authentication vulnerability in Samsung Pass allows physical attackers to bypass security measures due to an invalid flag setting in versions prior to 4.3.00.17. This flaw poses a significant risk to user data as unauthorized individuals may gain access to sensitive information. Users are advised to update their Samsung Pass to the latest version to mitigate this vulnerability.
Affected Version(s)
Samsung Pass 4.3.00.17
References
CVSS V3.1
Score:
5.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved