Lucene search

Samsung MobileCVE-2023-30682

HistoryAug 10, 2023 - 2:15 a.m.

CVE-2023-30682

2023-08-1002:15:10

Samsung Mobile

web.nvd.nist.gov

2468

cve-2023-30682

improper access control

telecom

smr

aug-2023 release 1

local attackers

silenceringer api

nvd

CVSS3

4.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

AI Score

Confidence

High

EPSS

Percentile

5.1%

JSON

Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call silenceRinger API without permission.

Affected configurations

Nvd

Node

samsungandroidMatch13.0-

samsungandroidMatch13.0smr-apr-2023-r1

samsungandroidMatch13.0smr-dec-2022-r1

samsungandroidMatch13.0smr-feb-2023-r1

samsungandroidMatch13.0smr-jan-2023-r1

samsungandroidMatch13.0smr-jul-2023-r1

samsungandroidMatch13.0smr-jun-2023-r1

samsungandroidMatch13.0smr-mar-2023-r1

samsungandroidMatch13.0smr-may-2023-r1

samsungandroidMatch13.0smr-nov-2022-r1

samsungandroidMatch13.0smr-oct-2022-r1

VendorProductVersionCPE
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*

Vendor	Product	Version	CPE
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:-::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1::::::

Rows per page:

1-10 of 111

CNA Affected

[
  {
    "vendor": "Samsung Mobile",
    "product": "Samsung Mobile Devices",
    "versions": [
      {
        "status": "unaffected",
        "version": "SMR Aug-2023 Release 1"
      }
    ],
    "defaultStatus": "affected"
  }
]

References

security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08

CVSS3

4.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

AI Score

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2023-30682