Lucene search

Samsung MobileCVELIST:CVE-2023-30730

HistorySep 06, 2023 - 3:12 a.m.

CVE-2023-30730

2023-09-0603:12:16

Samsung Mobile

www.cve.org

vulnerability

android 11

android 12

android 13

camera

file access

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

AI Score

5.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local attacker to access specific file.

CNA Affected

[
  {
    "vendor": "Samsung Mobile",
    "product": "Camera",
    "versions": [
      {
        "status": "unaffected",
        "version": "11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13"
      }
    ],
    "defaultStatus": "affected"
  }
]

References

security.samsungmobile.com/serviceWeb.smsb?year=2023&month=09

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

AI Score

5.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2023-30730