Lucene search

Samsung MobileCVE-2023-30683

HistoryAug 10, 2023 - 2:15 a.m.

CVE-2023-30683

2023-08-1002:15:11

Samsung Mobile

web.nvd.nist.gov

2469

cve-2023-30683

telecom

access control

endcall api

security vulnerability

nvd

CVSS3

4.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

AI Score

Confidence

High

EPSS

Percentile

5.1%

JSON

Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call endCall API without permission.

Affected configurations

Nvd

Node

samsungandroidMatch13.0-

samsungandroidMatch13.0smr-apr-2023-r1

samsungandroidMatch13.0smr-dec-2022-r1

samsungandroidMatch13.0smr-feb-2023-r1

samsungandroidMatch13.0smr-jan-2023-r1

samsungandroidMatch13.0smr-jul-2023-r1

samsungandroidMatch13.0smr-jun-2023-r1

samsungandroidMatch13.0smr-mar-2023-r1

samsungandroidMatch13.0smr-may-2023-r1

samsungandroidMatch13.0smr-nov-2022-r1

samsungandroidMatch13.0smr-oct-2022-r1

VendorProductVersionCPE
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*
samsungandroid13.0cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*

Vendor	Product	Version	CPE
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:-::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1::::::
samsung	android	13.0	cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1::::::

Rows per page:

1-10 of 111

CNA Affected

[
  {
    "vendor": "Samsung Mobile",
    "product": "Samsung Mobile Devices",
    "versions": [
      {
        "status": "unaffected",
        "version": "SMR Aug-2023 Release 1"
      }
    ],
    "defaultStatus": "affected"
  }
]

References

security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08

CVSS3

4.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

AI Score

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2023-30683