Lucene search

Samsung MobileCVE-2023-30726

HistorySep 06, 2023 - 4:15 a.m.

CVE-2023-30726

2023-09-0604:15:16

Samsung Mobile

web.nvd.nist.gov

cve-2023-30726

gamelauncher

pendingintent hijacking

vulnerability

data access

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.3

Confidence

High

EPSS

Percentile

5.1%

JSON

PendingIntent hijacking vulnerability in GameLauncher prior to version 4.2.59.5 allows local attackers to access data.

Affected configurations

Nvd

Node

samsunggamelauncherRange<4.2.59.5

VendorProductVersionCPE
samsunggamelauncher*cpe:2.3:a:samsung:gamelauncher:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
samsung	gamelauncher	*	cpe:2.3:a:samsung:gamelauncher::::::::

CNA Affected

[
  {
    "vendor": "Samsung Mobile",
    "product": "GameLauncher ",
    "versions": [
      {
        "status": "unaffected",
        "version": " 4.2.59.5"
      }
    ],
    "defaultStatus": "affected"
  }
]

References

security.samsungmobile.com/serviceWeb.smsb?year=2023&month=09

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.3

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2023-30726