Lucene search

[email protected]NVD:CVE-2023-21502

HistoryMay 04, 2023 - 9:15 p.m.

CVE-2023-21502

2023-05-0421:15:10

CWE-20

[email protected]

web.nvd.nist.gov

input validation

factorytest

privilege escalation

debugging commands

smr release 1

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.2

Confidence

High

EPSS

Percentile

5.1%

JSON

Improper input validation vulnerability in FactoryTest application prior to SMR May-2023 Release 1 allows local attackers to get privilege escalation via debugging commands.

Affected configurations

Nvd

Node

samsungandroidMatch12.0-

samsungandroidMatch12.0smr-apr-2022-r1

samsungandroidMatch12.0smr-aug-2022-r1

samsungandroidMatch12.0smr-dec-2021-r1

samsungandroidMatch12.0smr-dec-2022-r1

samsungandroidMatch12.0smr-feb-2022-r1

samsungandroidMatch12.0smr-feb-2023-r1

samsungandroidMatch12.0smr-jan-2022-r1

samsungandroidMatch12.0smr-jul-2022-r1

samsungandroidMatch12.0smr-jun-2022-r1

samsungandroidMatch12.0smr-mar-2022-r1

samsungandroidMatch12.0smr-may-2022-r1

samsungandroidMatch12.0smr-nov-2021-r1

samsungandroidMatch12.0smr-nov-2022-r1

samsungandroidMatch12.0smr-oct-2022-r1

samsungandroidMatch12.0smr-sep-2022-r1

samsungandroidMatch13.0-

samsungandroidMatch13.0smr-apr-2023-r1

samsungandroidMatch13.0smr-dec-2022-r1

samsungandroidMatch13.0smr-feb-2023-r1

samsungandroidMatch13.0smr-jan-2023-r1

samsungandroidMatch13.0smr-mar-2023-r1

samsungandroidMatch13.0smr-nov-2022-r1

samsungandroidMatch13.0smr-oct-2022-r1

VendorProductVersionCPE
samsungandroid12.0cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*
samsungandroid12.0cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*
samsungandroid12.0cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*
samsungandroid12.0cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*
samsungandroid12.0cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*
samsungandroid12.0cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*
samsungandroid12.0cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*
samsungandroid12.0cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*
samsungandroid12.0cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*
samsungandroid12.0cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*

Vendor	Product	Version	CPE
samsung	android	12.0	cpe:2.3:o:samsung:android:12.0:-::::::
samsung	android	12.0	cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1::::::
samsung	android	12.0	cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1::::::
samsung	android	12.0	cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1::::::
samsung	android	12.0	cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1::::::
samsung	android	12.0	cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1::::::
samsung	android	12.0	cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1::::::
samsung	android	12.0	cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1::::::
samsung	android	12.0	cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1::::::
samsung	android	12.0	cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1::::::

Rows per page:

1-10 of 241

References

security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.2

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2023-21502

cvelist1 cve1 prion1