Lucene search

Samsung MobileCVELIST:CVE-2023-30726

HistorySep 06, 2023 - 3:12 a.m.

CVE-2023-30726

2023-09-0603:12:13

Samsung Mobile

www.cve.org

pendingintent hijacking

gamelauncher

vulnerability

local attackers

data access

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score

5.6

Confidence

High

EPSS

Percentile

5.1%

JSON

PendingIntent hijacking vulnerability in GameLauncher prior to version 4.2.59.5 allows local attackers to access data.

CNA Affected

[
  {
    "vendor": "Samsung Mobile",
    "product": "GameLauncher ",
    "versions": [
      {
        "status": "unaffected",
        "version": " 4.2.59.5"
      }
    ],
    "defaultStatus": "affected"
  }
]

References

security.samsungmobile.com/serviceWeb.smsb?year=2023&month=09

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score

5.6

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2023-30726