Lucene search

[email protected]CVE-2023-21438

HistoryFeb 09, 2023 - 7:15 p.m.

CVE-2023-21438

2023-02-0919:15:16

CWE-668

CWE-284

[email protected]

web.nvd.nist.gov

cve-2023-21438

homescreen

smr feb-2023

secure folder

physical attacker

nvd

2.4 Low

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

3.9 Low

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

11.9%

JSON

Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder.

CPENameOperatorVersion
samsung:androidsamsung androideq11.0
samsung:androidsamsung androideq12.0

CPE	Name	Operator	Version
samsung:android	samsung android	eq	11.0
samsung:android	samsung android	eq	12.0

References

security.samsungmobile.com/securityUpdate.smsb?year=2023&month=02

2.4 Low

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

3.9 Low

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

11.9%

JSON

Related for CVE-2023-21438

prion1